Government Requirements for a Secure Cloud

Posted by Ron Markezich
Corporate Vice President, Microsoft Online Services 

(Cross-posted from Microsoft Online Services team blog)

This week, U.S. Chief Information Officer Vivek Kundra unveiled the federal government’s vision for cloud computing, beginning with Apps.gov, an online marketplace that will enable federal agencies to find and purchase cloud-based IT services. This is a smart move by the government to streamline procurement for new cloud-based solutions and lower costs.  In response, industry vendors are announcing future “dedicated” cloud services designed to meet the government’s security and privacy standards.

While other companies are just now developing – or announcing – their secure cloud strategies, Microsoft has built security and privacy into our offerings from the start. Available since 2006, Microsoft’s Business Productivity Online Suite (a part of Microsoft Online Services) “dedicated” cloud environment has been deployed and in use by a variety of businesses and government organizations with intense security and privacy requirements – such as GlaxoSmithKline and the City of Carlsbad, Calif.

The story doesn’t end there – not even close. We continue to make our customer’s security and privacy a top priority. Here is how…Microsoft’s facilities and operational infrastructure are ISO27001 certified today. The Microsoft Online Business Productivity Online Suite (BPOS), operated under the same program, is aggressively pursuing ISO certification to be achieved by end 2009. In addition to meeting this International Standard, we anticipate that the Business Productivity Online Suite will achieve FISMA Accreditation in Q1 2010.  We understand that all organizations – not just government entities on a dedicated cloud – want a high level of validated security and privacy, so these accreditations will exist for the services we provide all of our customers.

Microsoft isn’t new to government. For more than 25 years we have worked in close partnership with federal agencies, as well as the largest of enterprises, to meet sophisticated security, privacy and compliance expectations. Today, a range of federal, state and local government agencies are using Microsoft cloud-based solutions for mission-critical requirements. As the federal government begins to increasingly explore online tools and services, Microsoft will continue to provide flexible and reliable solutions that meet or exceed government security demands. Microsoft’s approach to cloud computing enables government customers to continue to use familiar user interfaces, such as the Microsoft Office system, while allowing customers to quickly move to the cloud, using Microsoft as a partner across all delivery models – cloud and on-premises – in a broad set of solutions,  across the PC, mobile phone, and browser.

Apps.gov is a great first step. We look forward to including Microsoft Online Services in that catalog and, with our partners, continuing to be committed to our governments computing needs.