Today we are excited to announce the general availability of Microsoft Azure Government. We announced the Private Preview of Azure for Government at the Microsoft Federal Executive Forum in March, 2014. Since then, over one hundred government customers and solution providers put Azure Government through testing and evaluation, and their valuable input helped drive engineering efforts that better enable Azure Government to meet key scenarios and requirements.
We have been delighted with the customer input regarding the service we built. Azure Government was designed and built from the ground up for public sector customers, leading to some key capabilities worth highlighting:
- Isolation– All aspects of Microsoft Azure Government’s hyperscale infrastructure, including the datacenter, hardware, network and software, are isolated to meet the unique compliance standards of the U.S. public sector. This isolation covers all physical, logical and network components of the service.
- Community – Azure Government is restricted to only a targeted set of government agencies and their solution providers, including federal, state, local, tribal and the Department of Defense.
- Security – Datacenters are secured using physical, logical and procedural controls. Important controls include secured access control to the datacenter, second person screened escorts, aisle cameras, and secured cabling. All security controls are audited and logged.
- Screened personnel– Operations and support are performed by personnel who are United States persons, who have been background screened. These personnel are based in redundant Service Operating Centers (SOCs), which are greater than 500 miles apart.
- Continental United States– All customer data, content, and organizational data (both at rest and in transit); all hardware, networking and other physical infrastructure; and all personnel reside in the Continental United States (CONUS).
- Business continuity - Datacenters are physically isolated from other cloud services and geographically distributed more than 500 miles apart. This enables geo-replication and integrity between locations that supports business continuity and disaster recovery.
- East Coast region – Azure Government has an East Coast region in order to be in close proximity to customers and to, provide efficient high speed connections to Washington D.C. and surrounding areas.
Azure is committed to achieving certifications and accreditations that are required of our U.S. public sector customers with Azure Government offering a comprehensive compliance roadmap including:
- United States Federal Risk and Authorization Management Program (FedRAMP)
- Defense Information Systems Agency (DISA)/Enterprise Cloud Service Broker (ECSB)
- International Traffic in Arms Regulations (ITAR)
- Criminal Justice Information Services (CJIS)
- Health Insurance Portability and Accountability Act (HIPAA)
- Internal Revenue Service Publication 1075 Tax Information Security Guidelines for Federal, State and Local Agencies and Entities
- 21 CFR Part 11 and Annex 11 (FDA)
Azure Government is one of the first commercial infrastructure cloud platforms to meet Criminal Justice Information Services (CJIS) certification requirements for state and local governments, expanding the scope of coverage to state agencies already using Microsoft Office 365 for CJIS workloads. Detailed, current information on Azure Government compliance is available at azure.com/trustcenter.
Another benefit of Azure Government is that applications created for Azure work natively on Azure Government. Azure Government includes a broad spectrum of Azure services, including IaaS, PaaS, Storage, VNETs, Azure Active Directory and SQL DB. As new features and compliance standards are added to Azure Government, we will continue to communicate them from this blog.
Specifically for government,Azure Active Directory for Government offers a physical and logically isolated namespace partition, allowing the identities of users to be stored at rest in Microsoft Azure Government. At the same time, identities can be used to authenticate with on-premises solutions, as well as single sign-on to Microsoft cloud offerings.
As mentioned above, Azure Government is already in use by over 100 government agencies and providers. Some key scenarios Azure Government enables include:
- Audio & Video Surveillance– Microsoft Azure Government provides the capabilities and infrastructure to operate a cloud-based video platform for live events and video on demand, including streaming coupled with real-time alerts and monitoring for essential workloads in public safety/law enforcement.
- Big data & analytics – Storage services for public sector entities includelogging, archival and data storage, and elastic analysis of structured, semi-structured and unstructured data that can be queried using languages such as, C#, Java, .NET, and more. Azure Government provides cost-effective data storage with built-in data redundancy capabilities available that replicate data into two physical datacenters that are at over 500 miles apart.
- Private network connections to Azure Government (preview) – Azure Government enables you to create secure virtual and private connections between Azure Government and infrastructure that is on-premises in your agency or in a government colocation environment. This capability is consistent with the same security, compliance and personnel principles outlined above.
- Development and test – Azure Government provides the capability for development and test teams to enable virtual machines holding test benches, integrated development environments, and other development tools on demand. This allows agencies to save time and money by enabling environments and access development tools on demand, eliminating the need to procure and support costly hardware and configuration, as well as deploy segregated environments for testing applications.
We are very excited to be delivering Azure Government. If you are a government agency or solution provider we would encourage you to try Azure Government for yourself. We are accepting e-mail applications from U.S. government agencies and solutions providers at AzureGov@microsoft.com. As a U.S. government entity, you can purchase Azure Government from your Licensing Service Provider (LSP) – learn more at how to buy: federal agencies or how to buy: state and local government entities. To learn more about Microsoft Azure Government, please visit Azure.com/Government.
Tom Keane
Partner Director, Program Management, Microsoft Azure