Department of Defense gets physically isolated clouds built to DISA Level 5
Microsoft is setting up data center regions specifically for the US military, designed to meet specific security demands.
In amongst the announcement this week that Microsoft was updating its Azure Government cloud to meet new levels of security and operations was the notice that it will be adding two new data center regions specifically for the use of the United States Department of Defense. The two new regions will be deployed in an unspecified existing Microsoft Azure Government data center, be physically isolated, and designed to meet the standards for Defense Information Systems Agency Impact Level 5.
Matt Rathbun, Microsoft
While the Azure Government cloud is about to be provisionally approved for DISA Impact Level 4, which is necessary for the cloud to be used to process controlled unclassified information (CUI) the new regions are targeted to meet the standards for Impact Level 5, which requires physical isolation with more stringent access controls and a specific set of compliance requirements. The new regions, to be called US DoD East and US DoD West are being designed to meet the requirements spelled out in the DoD Cloud Security Requirements Guide.
Impact Level 5 is the highest level of security for unclassified data; the next step up the scale is classified material. The Azure regions for this level are expected to become available later this year. In his Microsoft blog, Matt Rathbun, cloud security director, cloud health & security engineering explains that the Azure cloud was selected to participate in the FedRAMP High Pilot to build the High Impact Baseline, explaining how this will enable Azure to be used by all levels of government agency for a broad range of data and processing requirements.
He quotes Matt Goodrich, director for FedRAMP’s Program Management Office at the US General Services Administration, to highlight the significance of the selection to be one of the cloud services authorized to operate at this level.