The public-cloud services offered by both Amazon and Microsoft have received new, higher levels of federal authorization to deal with sensitive data.
Microsoft’s Azure Government got a “provisional authorization” for DoD Impact Level 5 from the Defense Information Systems Agency ( DISA ), Microsoft said in a blog post today. The authorization will let Defense Department-affiliated organizations plan, assess, and authorize workloads involving unclassified national-security data.
The federal government has six levels of security for cloud data. Level 5 is second from the highest. Level 6 involves information classified as Secret.
Compliance with impact levels is supervised by DISA, which provides IT and communication support to the top members of the executive branch and to the military.
Microsoft has made a special effort to accommodate Azure to the federal government. It operates two logically and geographically distinct Azure Government regions (pairs or groups of data centers)exclusively for use by federal, state, or local governments. It also counts the U.S. Government among its biggest softwarecustomers, just last monthsigning a $927 million contract to provide technical support to DISA.
For its part, Amazon Web Services’ CloudWatch Logs — a service to monitor, store, and access log files from Amazon Elastic Compute Cloud (EC2) instances and other sources— has received provisional authority to operate at the FedRAMP High baseline within the AWS specially dedicated GovCloud (U.S.) region. This authority letsgovernment customers use CloudWatch Logs to process the government’s most sensitive unclassified data.
GovCloud (US) holds provisional authorizations at Impact Levels 2 and 4 but not 5.
Full details on federal cloud security can be found here . A shorter explanation is here.
Amazon Web Services is themost popular provider of computing and storage services over the internet. Azure is number two by most measures.