Category Archives : Government

30

Jun

Azure Cost Management + Billing updates – June 2020

Whether you’re a new student, thriving startup, or the largest enterprise, you have financial constraints and you need to know what you’re spending, where, and how to plan for the future. Nobody wants a surprise when it comes to the bill, and this is where Azure Cost Management + Billing comes in.

We’re always looking for ways to learn more about your challenges and how Azure Cost Management + Billing can help you better understand where you’re accruing costs in the cloud, identify and prevent bad spending patterns, and optimize costs to empower you to do more with less. Here are a few of the latest improvements and updates based on your feedback:

More flexibility for budget notifications. Subscribe to active cost recommendations with Advisor digests. Automate subscription creation in Azure Government. Subscription ownership transfer improvements. New ways to save money with Azure. New videos and learning opportunities. Documentation updates.

Let’s dig into the details.

 

More flexibility for budget notifications

You already know Azure Cost Management budgets keep you informed as your costs increase over time. We’re introducing two changes to make it easier than ever to tune your budgets to suit your specific needs.

You can now specify

Share

11

May

Automating cybersecurity guardrails with new Zero Trust blueprint and Azure integrations

In our day-to-day work, we focus on helping customers advance the security of their digital estate using the native capabilities of Azure. In the process, we frequently find that using Azure to improve an organization’s cybersecurity posture can also help these customers achieve compliance more rapidly.

Today, many of our customers in regulated industries are adopting a Zero Trust architecture, moving to a security model that more effectively adapts to the complexity of the modern environment, embraces the mobile workforce, and protects people, devices, applications, and data wherever they’re located.

Regardless of where the request originates or what resource it accesses, Zero Trust teaches us to “never trust, always verify.” In a Zero Trust model, every access request is strongly authenticated, authorized within policy constraints, and inspected for anomalies before granting access. This approach can aid the process of achieving compliance for industries that use NIST-based controls including financial services, defense industrial base, and government.

A Zero Trust approach should extend throughout the entire digital estate and serve as an integrated security philosophy and end-to-end strategy, across three primary principles: (1) verify explicitly, (2) enforce least privilege access, and (3) assume breach.

Use the Azure blueprint for faster configuration of

Share

30

Apr

Azure Cost Management + Billing updates – April 2020

Whether you’re a new student, thriving startup, or the largest enterprise, you have financial constraints and you need to know what you’re spending, where, and how to plan for the future. Nobody wants a surprise when it comes to the bill, and this is where Azure Cost Management + Billing comes in.

We’re always looking for ways to learn more about your challenges and how Azure Cost Management + Billing can help you better understand where you’re accruing costs in the cloud, identify and prevent bad spending patterns, and optimize costs to empower you to do more with less. Here are a few of the latest improvements and updates based on your feedback:

Azure Spot Virtual Machines now generally available. Monitoring your reservation and Marketplace purchases with budgets. Automate cost savings with Azure Resource Graph. Azure Cost Management covered by FedRAMP High. Tell us about your reporting goals. New ways to save money with Azure. New videos and learning opportunities. Documentation updates.

Let’s dig into the details.

 

Azure Spot Virtual Machines now generally available

We all want to save money. We often look at our largest workloads for savings opportunities, but make sure you don’t stop there. You may

Share

28

Apr

Accelerating Cybersecurity Maturity Model Certification (CMMC) compliance on Azure

As we deliver on our ongoing commitment to serving as the most secure and compliant cloud, we’re constantly adapting to the evolving landscape of cybersecurity to help our customers achieve compliance more rapidly. Our aim is to continue to provide our customers and partners with world-class cybersecurity technology, controls, and best practices, making compliance faster and easier with native capabilities in Azure and Azure Government, as well as Microsoft 365 and Dynamics 365.

In architecting solutions with customers, a foundational component of increasing importance is building more secure and reliable supply chains. For many customers, this is an area where new tools, automation, and process maturity can improve an organization’s security posture while reducing manual compliance work.

In preparing for the new Cybersecurity Maturity Model Certification (CMMC) from the Department of Defense (DoD), many of our customers and partners have asked for more information on how to prepare for audits slated to start as early as the summer of 2020. 

Designed to improve the security posture of the Defense Industrial Base (DIB), CMMC requires an evaluation of the contractor’s technical security controls, process maturity, documentation, policies, and the processes that are in place and continuously monitored. Importantly, CMMC also requires

Share

25

Mar

Azure Government Secret accredited at DoD IL6, ICD 503 with IaaS and PaaS

Accelerate classified missions with unparalleled connectivity, high availability, and resiliency across three regions with more than 35 services

Azure Government Secret recently achieved Provisional Authorization (PA) at Department of Defense Impact Level 6 (IL6) and Intelligence Community Directive (ICD) 503 with facilities at ICD 705. We’re also announcing a third region to enable even higher availability for national security missions to stay ahead of their unique threats.

Built exclusively for the needs of US government and operated by cleared US citizens, Azure Government Secret delivers dedicated regions to maintain the security and integrity of classified Secret workloads while enabling reliable access to critical data. The first cloud natively connected to classified networks; Azure Government Secret enables customers to leverage options for private, resilient, high-bandwidth connectivity.

Protect national security production workloads with geodiversity across three regions

Azure Government Secret is designed for the unique requirements of critical national security workloads that cannot be served out of a single geographic location. To provide the geodiversity required, Azure Government Secret delivers across three dedicated regions for US Federal Civilian, Department of Defense (DoD), Intelligence Community (IC), and US government partners working within Secret enclaves. These dedicated Azure regions are located over 500

Share

12

Nov

FedRAMP Moderate Blueprints helps automate US federal agency compliance

We’ve just released our newest Azure Blueprints for the important US Federal Risk and Authorization Management Program (FedRAMP) certification at the moderate level. FedRAMP is a key certification because cloud providers seeking to sell services to US federal government agencies must first demonstrate FedRAMP compliance. Azure and Azure Government are both approved for FedRAMP at the high impact level, and we’re planning that a future Azure Blueprints will provide control mappings for high impact.

Azure Blueprints is a free service that helps enable customers to define a repeatable set of Azure resources that implement and adhere to standards, patterns, and requirements. Azure Blueprints allow customers to set up compliant environments matched to common internal scenarios and external standards like ISO 27001, Payment Card Industry data security standard (PCI DSS), and Center for Internet Security (CIS) Benchmarks.

Compliance with standards such as FedRAMP is increasingly important for all types of organizations, making control mappings to compliance standards a natural application for Azure Blueprints. Azure customers, particularly those in regulated industries, have expressed a strong interest in compliance blueprints to help ease the burden of their compliance obligations.

FedRAMP was established to provide a standardized approach for assessing, monitoring, and authorizing cloud

Share

02

Oct

Over 100 Azure services support PROTECTED Australian government data

Today Microsoft published an independent security assessment of 113 Microsoft Azure services for their suitability to handle official and PROTECTED Australian government information. This assessment, carried out under the Information Security Registered Assessor Program (IRAP), is now available for customers and partners to review and use as they plan for increasing the use of cloud in government.

This milestone significantly expands the ability of the Australian government to leverage Microsoft Azure to drive digital transformation. The expanded scope of this IRAP assessment includes cognitive services, machine learning, IoT, advanced cybersecurity, open source database management, and serverless and application development technologies. This enables the full range of innovation within Azure Australia to be utilized for government applications, further reinforcing our commitment to achieving the broadest range of accreditations and assurances to meet the needs of government customers.

This assurance is critical for customers such as the Victorian Government, using ICT shared services provider Cenitex in partnership with Canberra-based OOBE to deploy VicCloud Protect, a ground-breaking and highly secure service that enables its government customers to safely manage applications and data rated up to PROTECTED level.

“VicCloud Protect is a first for the Victorian Government and our customers can now confidently

Share

22

Aug

IRAP protected compliance from infra to SAP application layer on Azure

This post was co-authored by Rohit Kumar Cherukuri, Vice President – Marketing, Cloud4C

Australian government organizations are looking for cloud managed services providers capable of providing deployment of a platform as a service (PaaS) environment suitable for the processing, storage, and transmission of AU-PROTECTED government data that is compliant with the objectives of the Australian Government Information Security Manual (ISM) produced by the Australian Signals Directorate (ASD).

One of Australia’s largest federal agencies that is responsible for improving and maintaining finances of the state was looking to implement the Information Security Registered Assessors Program (IRAP) which is critical to safeguard sensitive information and ensure security controls around transmission, storage, and retrieval.

The Information Security Registered Assessors Program is an Australian Signals Directorate initiative to provide high-quality information and communications technology (ICT) security assessment services to the government.

The Australian Signals Directorate endorses suitably-qualified information and communications technology professionals to provide relevant security services that aim to secure broader industry and Australian government information and associated systems.

Cloud4C took up this challenge to enable this federal client on the cloud delivery platforms. Cloud4C analyzed and assessed the stringent compliance requirements within the Information Security Registered Assessors Program guidelines.

Following internal baselining,

Share

25

Jul

Azure publishes guidance for secure cloud adoption by governments

Governments around the world are in the process of a digital transformation, actively investigating solutions and selecting architectures that will help them transition many of their workloads to the cloud. There are many drivers behind the digital transformation, including the need to engage citizens, empower employees, transform government services, and optimize government operations. Governments across the world are also looking to improve their cybersecurity posture to secure their assets and counter the evolving threat landscape.

To help governments worldwide get answers to common cloud security related questions, Microsoft published a white paper, titled Azure for Secure Worldwide Public Sector Cloud Adoption. This paper addresses common security and isolation concerns pertinent to worldwide public sector customers. It also explores technologies available in Azure to help safeguard unclassified, confidential, and sensitive workloads in the public multi-tenant cloud in combination with Azure Stack and Azure Data Box Edge deployed on-premises and at the edge for fully disconnected scenarios involving highly sensitive data. The paper addresses common customer concerns, including:

Data residency and data sovereignty Government access to customer data, including CLOUD Act related questions Data encryption, including customer control of encryption keys Access to customer data by Microsoft personnel Threat detection and prevention

Share

16

Apr

Announcing Azure Government Secret private preview and expansion of DoD IL5

Enabling government to advance the mission

Today we’re announcing a significant milestone in serving our mission customers from cloud to edge with the initial availability of two new Azure Government Secret regions, now in private preview and pending accreditation. Azure Government Secret delivers comprehensive and mission enabling cloud services to US Federal Civilian, Department of Defense (DoD), Intelligence Community (IC), and US government partners working within Secret enclaves.

In addition, we’ve expanded the scope of all Azure Government regions to enable DoD Impact Level 5 (IL5) data, providing a cost-effective option for L5 workloads with a broad range of available services. With our focus on innovating to meet the needs of our mission-critical customers, we continue to provide more PaaS features and services to the DoD at IL5 than any other cloud provider.

For more than 40 years we have prioritized bringing commercial innovation to the DoD. We also continue to help our customers across the full spectrum of government, including every state, federal cabinet agency, and military branch, modernize their IT to better enable their missions.

Microsoft is helping customers across the full spectrum of government, including departments in every state, all the federal cabinet agencies, and

Share