Modernizing Authentication — What It Takes to Transform Secure Access
Microsoft made a low-key cloud announcement last week that could have a big impact on how it competes for cloud computing accounts.
With little fanfare, the company announced Office 365 for Government. Essentially a cloud-enabled version of the software giant's productivity and collaboration software, the service will make Exchange Online, Lync Online, SharePoint Online, and Office Professional Plus available to government customers.
If it all sounds familiar, there's a good reason.
Two years ago, Microsoft launched a similar service for U.S. federal government agencies called Business Productivity Online Suite Federal. Office 365 for Government is the successor to that offering -- and in its unveiling, Microsoft is spotlighting the issues that already tripped up a major competitor: data security and privacy.
Security and Privacy at the Forefront
Shedding IT procurement, server management, and software licensing burdens and subscribing to a cloud service can be a compelling proposition for government agencies faced with tightening budgets. But as Google discovered, government customers demand more than just cloud-based versions of their business tools.
After landing a big email contract that would affect 30,000 city workers in Los Angeles, Google witnessed its contract getting scaled back after the police department objected to the technology change. In the city's view, Google's cloud couldn't meet the data security and confidentiality requirements that govern the handling of sensitive legal data.
Keen to not let such complications hamper adoption, Microsoft's Corporate Vice President of the Office Division, Kirk Koenigsbauer, spelled out the many data security standards and precautions that the service adheres to. "Today, Office 365 supports the most rigorous global and regional standards," writes Koenigsbauer in a company blog post.
That laundry list includes high-profile US federal guidelines such as the US Federal Information Security Management Act (FISMA), US Health Insurance Portability and Accountability Act (HIPAA), and the US Family Educational Rights and Privacy Act (FERPA). According to Microsoft, Office 365 also supports ISO 27001, SAS70 Type II, EU Safe Harbor, and EU Model Clauses.
Further calming security fears, Koenigsbauer informs that the multi-tenant service is hosted on a segregated cloud across high-security, geographically dispersed data centers. Furthermore, IPv6 support for Office 365 is expected to go live in September to accommodate the shift to the next-gen networking standard.
Microsoft also seems conscious of the concerns that drove the LAPD away from Google. Koenigsbauer's team is currently working on making Office 365 for Government compliant with Criminal Justice Information Security (CJIS) policies.