Governments around the world are in the process of a digital transformation, actively investigating solutions and selecting architectures that will help them transition many of their workloads to the cloud. There are many drivers behind the digital transformation, including the need to engage citizens, empower employees, transform government services, and optimize government operations. Governments across the world are also looking to improve their cybersecurity posture to secure their assets and counter the evolving threat landscape.
To help governments worldwide get answers to common cloud security related questions, Microsoft published a white paper, titled Azure for Secure Worldwide Public Sector Cloud Adoption. This paper addresses common security and isolation concerns pertinent to worldwide public sector customers. It also explores technologies available in Azure to help safeguard unclassified, confidential, and sensitive workloads in the public multi-tenant cloud in combination with Azure Stack and Azure Data Box Edge deployed on-premises and at the edge for fully disconnected scenarios involving highly sensitive data. The paper addresses common customer concerns, including:
Data residency and data sovereignty
Government access to customer data, including CLOUD Act related questions
Data encryption, including customer control of encryption keys
Access to customer data by Microsoft personnel
Threat detection and prevention
Private and hybrid cloud options
Cloud compliance and certifications
Conceptual architecture for classified workloads
For governments and the public sector industry worldwide, Microsoft provides Azure – a public multi-tenant cloud services platform that government agencies can use to deploy a variety of solutions. A multi-tenant cloud platform implies that multiple customer applications and data are stored on the same physical hardware. Azure uses logical isolation to segregate each customer's applications and data from those of others. This approach provides the scale and economic benefits of multi-tenant cloud services while rigorously helping prevent customers from accessing one another's data or applications.
A hyperscale public cloud provides resiliency in times of natural disaster or other disturbances. The cloud provides capacity for failover redundancy and empowers sovereign nations with flexibility regarding global resiliency planning. A hyperscale public cloud also offers a feature-rich environment incorporating the latest cloud innovations such as artificial intelligence, machine learning, Internet of Things (IoT) services, intelligent edge, and more. This rich feature set helps government customers increase efficiency and unlock insights into their operations and performance.
Using Azure’s public cloud capabilities, customers benefit from rapid feature growth, resiliency, and the cost-effective operation of the hyperscale cloud while still obtaining the levels of isolation, security, and confidence required to handle workloads across a broad spectrum of data classifications, including unclassified and classified data. Leveraging Azure isolation technologies, as well as intelligent edge capabilities (such as Azure Stack and Azure Data Box Edge), customers can process confidential and sensitive data in secure isolated infrastructure within Azure’s multi-tenant regions or highly sensitive data at the edge under the customer’s full operational control.
To get answers to common cloud security related questions, government customers worldwide should review Azure for Secure Worldwide Public Sector Cloud Adoption. To learn more about how Microsoft helps customers meet their own compliance obligations across regulated industries and markets worldwide, review “Microsoft Azure compliance offerings.