Microsoft lets federal agencies take its newly operational Azure for presidency for a “shakedown cruise.”

Microsoft has begun giving a select group of federal customers the likelihood to lay Microsoft’s new government-only cloud service through a sequence of personal tests. “The processes, people, technology, and infrastructure are all in place. We wish real-world test loads,” for a shakedown cruise, said Greg Myers, VP of federal sales, in announcing the scoop Tuesday at Microsoft’s US Public Sector Federal Executive Forum in Washington. 

Although Microsoft’s commercial Azure cloud offering has received authority to function under the FedRAMP program for cloud services, the recent government platform — announced last fall and called Azure for presidency — has not yet been certified.

[Who’s seeking FedRAMP approval? Check the net portal. Read FedRAMP Cloud Security Approval: Look Who Applied.]

The government-only offering is housed in two specially constructed datacenters located within the America and isolated physically and logically from the general public cloud. All personnel shall be US citizens screened for moderate public trust clearance and the servers will house only data from federal, state, and native government customers. The brand new platform, although operational, just isn’t finished and may keep evolving to offer enhanced security, said Myers.

“We see this as a dynamic environment,” he said. “It’s very labor intensive, very capital intensive. It is not an atmosphere for the weak.”

A dynamic system is important to give adequate security, because defense in modern, complex systems requires the facility to reply and adapt, said David Aucsmith, senior director of Microsoft’s Institute for Advanced Technology for Governments.

Aucsmith, an author of the Defense Department’s 1985 Orange Book, Trusted Computer System Evaluation Criteria, said on the federal forum that when 30 years of trying, “i don’t think you may create a safe computer system.”

The complexity of IT systems makes it impossible to know them fully, and this complexity makes it impossible to specify conditions and requirements with enough granularity to make sure security, he said. Testing and built-in processes are necessary but not sufficient to verify security.

Because “we do not know what we do not know,” any static system turns into at risk of an adversary, Aucsmith added. The sole effective defense requires the facility to acknowledge and reply to threats, which contains keeping systems fully patched and up-to-date.

Because patching and updating IT systems in a massive enterprise is complex and time consuming, cloud platforms gives you enhanced security because dedicated staff can handle these jobs for multiple customers, and customarily deploy them more quickly, he said. Patches represent a healthy solution to combat adversaries. But when enterprises don’t apply the patches quickly — within about five days of release — hackers can get the higher hand by exploiting the vulnerabilities revealed by patches.

“Hackers today are better organized, certainly better financed, and outcome driven,” said forum guest speaker Tom Ridge, the previous Pennsylvania governor who helped lead the creation of the Homeland Security Department. “There’s still some people within the private sector that see a (cyber threats) as an IT problem rather than a business risk.”

Azure for presidency initially will host workloads with higher security clearances than usual and won’t take where of the industrial Azure offering, which still might be available to government customers. But Myers said that at last the hot platform would become the default for all government customers.

There is not any timeline for general availability of the brand new offering, however the next step within the rollout, a public preview, is anticipated in late spring.

Find out how a central authority program is putting cloud computing at the fast track to raised security. Also within the Cloud Security issue of InformationWeek Government: Defense CIO Teri Takai on why FedRAMP helps everyone.

William Jackson is a technology writer based in Washington, D.C. He was a journalist for greater than 35 years, most recently covering the $80 billion federal government IT sector for presidency Computer News. His coverage has ranged from architecture to international … View Full Bio

More Insights