In April Microsoft announced four new industry certifications for Microsoft Azure – CDSA for the digital media and entertainment industry, FISC for Japanese financial services organizations, DISA Level 2 for the US defense sector, and MTCS Level 3 for the Singapore government. Today I’m excited to share another four milestones specific to Azure Government:
- FedRAMP Moderate Provisional Authority to Operate (P-ATO)
- DISA Level 2 Provisional Authorization (PA)
- HIPAA Business Associate Agreement (BAA)
- Support for federal tax workloads under IRS Publication 1075.
All of these achievements apply to Azure Government customers immediately, enabling trusted cloud scenarios across a broad range of services. Azure Government delivers on the criteria necessary for government agencies and their partners to use cloud services, adding assurance that data will remain in US facilities, datacenter personnel have been screened according to strict guidelines, and continuous monitoring ensures effective incident detection and response.
FedRAMP Moderate P-ATO
Azure Government—including identity services (Azure Active Directory and Multi-Factor Authentication)—is now certified for US government customers. Receiving the P-ATO for Azure Government provides independent attestation that the cloud platform meets the rigorous standards and security requirements laid out in NIST 800-53.
DISA Level 2 PA
As part of our FedRAMP authorization, Azure Government has also been granted a PA for DISA Level 2 by the FedRAMP Joint Authorization Board (JAB). Department of Defense customers can place non-sensitive information and defense applications into Azure Government that require DISA Level 2.
Microsoft now contractually commits to meeting HIPAA requirements in Azure Government by providing a BAA addendum to enterprise agreements. US Government customers and partners can have confidence that PHI will be protected with best-in-class security and privacy capabilities and processes.
IRS Publication 1075
Many of our customers need the ability to process federal tax information. Azure Government provides the features, processes, and transparency that enables customers to achieve compliance with IRS 1075. Customers can review Azure Government’s IRS 1075 Safeguard Security Report, as well as a controls matrix that defines distributed accountabilities for certifying their solutions on Azure Government.
Looking to the Future
I’m excited about what these certifications mean for customers seeking to deploy environments on the most broadly validated cloud platform on the market today. With these announcements, Azure holds the largest number of industry, government and international certifications of any commercial cloud provider. For more information, please visit our Azure Trust Center