Microsoft has secured what could be a major coup for its Windows Azure cloud platform and possible governmental use in the United States.Susie Adams, chief technology officer for Microsoft Federal, announced on The Official Microsoft Blog that her company was notified that “Windows Azure was granted the FedRAMP Joint Authorization Board (JAB) Provisional Authority to Operate (P-ATO).” That earns Azure the distinction of being “the first public cloud platform, with infrastructure services and platform services, to receive a JAB P-ATO,” she noted.
The Federal Risk and Authorization Management Program (FedRAMP) is a security assessment, authorisation and monitoring program that governs the implementation of federal cloud services. The FedRAMP Joint Authorization Board consists of the chief information officers (CIOs) of the Department of Defense, the Department of Homeland Security and the US General Services Administration.
US federal cloud spending is expected to ramp up in the coming years, according to a recent forecast included in a report from IDC’s Government Insights division. While private clouds are expected to lead the category – $1.7 billion (£1bn) in spending during 2013, reaching nearly $8 billion (£5bn) by 2017 – public clouds will notch some gains.
After a period of flat federal cloud expenditures, which are forecast to last throughout 2014, the market will take off, according to Shawn McCarthy, research director at IDC Government Insights. “Investments should reach a critical mass around 2015 and beyond. A new emphasis on cloud solutions is expected to return within the next 18 months, and private cloud investments should approach $7.7 billion (£4.7bn) by FY2017,” he said in a statement.
The research firm expects federal public cloud spending to grow from $110.4 million (£68m) in 2012 to over $118.3 million (£73m) in 2014. The report portrayed private clouds as “the top choice when it comes to federal cloud solutions” by their intrinsic security, control and privacy advantages. In receiving a JAB P-ATO, Windows Azure is narrowing the security gap with private clouds.
Matt Goodrich, program manager for FedRAMP’s Program Management Office at the US General Services Administration, said in a statement that “Microsoft’s provisional authorisations for Windows Azure [demonstrate] that different types of cloud services – public to private and infrastructure to software – can meet the rigorous security requirements for FedRAMP.”
Security Approvals
Noting that Azure had obtained “the highest level of FedRAMP ATO available,” Adams suggested that her company’s underlying cloud technology platform puts more Microsoft services in contention for government IT contracts. She asserted in company remarks that “Windows Azure and its underlying data centres will help pave the way for FedRAMP P-ATOs for even more Microsoft cloud services.”
Microsoft isn’t focusing on just the feds in its efforts to bolster Windows Azure security. On 26 September, the company announced that Windows Azure multifactor authentication had entered into general availability, enabling IT organisations to add another layer of protection to data stored on Microsoft’s cloud by thwarting unauthorised attempts to access Azure accounts.
Multifactor authentication available on Windows Azure cloud
Microsoft is pricing the service at $2 per month per user for unlimited authentications.Microsoft has announced the general availability of multifactor authentication on its Windows Azure cloud platform.
Besides using a user name and password, users can authenticate through an application on their mobile device, automated voice call, and a text message with a passcode, Microsoft said Thursday.
Windows Azure multifactor authentication can be used for applications that require additional security, including on-premises VPNs and Web applications. Users have to run the multifactor authentication server on existing hardware or in a Windows Azure Virtual Machine. Users can synchronize with their Windows Server Active Directory for automated user set up.
The authentication can also be used for cloud applications like Windows Azure, Office 365, and Dynamics CRM. Users have to enable multifactor authentication for Windows Azure AD identities "with the flip of a switch," and will be prompted to set up multifactor the next time they sign-in, Microsoft said. Users can also use the Azure SDK (software development kit) to build multifactor authentication phone call and text message authentication into their application's sign-in or transaction processes.
Competitor Amazon Web Services already offers multifactor authentication free to its users for use with their AWS account. Customers are however charged if they use a physical authentication device that will need to be purchased from Gemalto.The Microsoft service on Azure is charged at two pricing options: US$2 per user per month for unlimited authentications or $2 for 10 authentications. A promotional offer cuts the price by half until Oct. 31.
0 comments:
Post a Comment