Late last year, Microsoft announced it would start hosting its Azure cloud computing platform and some of its other cloud-based services out of local data centers in both Germany and Canada.
Both of these new regions, Azure Canada and Azure Germany, are now officially in preview.
To ensure data sovereignty in Germany, Microsoft partnered with Deutsche Telekom subsidiary T-Systems as its local data trustee. The Germany region will also be operated in partnership with Deutsche Telekom under the “Azure Deutschland, a Microsoft cloud with German data trustee” moniker.
Microsoft plans to bring Azure, as well as Office 365 and Dynamics CRM, to both its new Canada and Germany regions. In addition, as the company announced today, Germany will also get a locally hosted version of the Azure IoT Hub; this service, too, is now available in early preview though Microsoft Azure Deutschland.
Azure for the Pentagon
In addition to these international regions, Microsoft today announced the launch of two new Azure regions in the United States — but you probably will never get access to these.
These two new physically isolated regions, which will become available later this year, are part of Azure Government and are meant to host Department of Defense (DoD) data. These regions will meet the Pentagon’s Defense Information Systems Agency (DISA) Impact Level 5 restrictions and are, according to Microsoft, “architected to meet stringent DoD security controls and compliance requirements.”
Level 5 data includes controlled unclassified information. Classified information (up to “secret”) can only be stored on systems that fall under the Level 6 classification. To gain Level 5 authorization, cloud providers must ensure that all workloads run (and all data is stored) on dedicated hardware that is physically separated from non-DoD users.
Microsoft competitor Amazon also currently offers DISA compliance, but only for Level 2 and Level 4 workloads (after a change last year, the Pentagon eliminated Levels 1 and 3).
Microsoft isn’t the first organization to receive Level 5 authorization, though. That honor belongs to IBM, which received Level 5 authorization almost exactly one month ago.
In addition to its new work with the DoD, Microsoft is expanding its support for FedRAMP, the standard that governs which cloud services federal agencies are able to use. The company today announced that Azure Government has been selected to participate in a new pilot that will allow agencies to process high-impact data — that is, data that could have a negative impact on organizational operations, assets or individuals. Until now, FedRAMP only authorized the use of moderate impact workloads. Microsoft says it expects all the necessary papers for this higher authorization will be in place by the end of this month.
Azure Government is also on track to receive DISA Level 4 authorization soon.