Skip to main content
Industry

Security at the center of mobile-first, cloud-first world

Recently I had the privilege of introducing our Microsoft CEO Satya Nadella as he spoke to nearly a thousand government decision makers about a new approach to security for enterprise organizations of today.  Satya shared how Microsoft’s built-in security technologies work in tandem with each other and those of the security ecosystem to deliver a holistic, agile, security platform for the enterprise.

Foundation of compliance

Enterprise security is not a new subject to our government customers. Indeed, government has for years been driving toward ensuring secure enterprise environments via the strong compliance frameworks they’ve established.  They are now applying the framework to the evolving cloud-based world.

At Microsoft, we strive to not only meet but exceed these standards in our cloud technologies.  This includes a commitment to industry-leading certifications such as FedRAMP, DISA, IRS 1075, ECSB, CJIS and HIPAA. Our compliance framework contains test and audit phases, security analytics, risk management best practices, and security benchmark analysis to achieve certificates and attestations.

And it is paying off. With more than 30 certifications and attestations across Azure and Azure Government, in addition to the FedRAMP ATO milestones reached by Office 365, Microsoft meets the most stringent compliance standards in the world and is the only major cloud provider in the U.S. that has contractually committed to the FBI’s Criminal Justice Information Services Security Policy.

The security-first approach is what has given our government customers confidence to move to the cloud – and with Microsoft.  Nearly every cabinet-level Federal agency, in whole or in part, is moving to the Microsoft cloud, along with more than 4500 government agencies across the U.S.   It’s the Microsoft technologies, working together and with partner solutions from across the security ecosystem, that deliver a holistic, agile, security platform.

 

Protection Program

In addition to the work we are doing ensure that Microsoft’s cloud technologies are built with security in mind from the ground up, Microsoft also commits to the programs necessary to improve security protection.  With vulnerabilities posing serious threats to citizens and national economies, governments across the globe are facing new and increasing grievous threats.   Since its beginning, Microsoft has been committed to building a safe and trusted digital environment by working to address the unique security needs of governments worldwide.  That is why we invest in Government Security Program (GSP) agreements with more than 40 agencies from 25 governments around the globe.

The GSP is a program designed to help governments evaluate and protect existing systems and create, deploy, and maintain more secure infrastructure.  Fostering partnership and trust between industry and government, it is open to government agencies regardless of a commercial contract with Microsoft and is an important part of what we consider to be our duty as global citizens.

Comprehensive approach

From the security features across Windows 10 to innovations in Office 365, Microsoft Azure, and Microsoft Enterprise Mobility Suite (EMS), Microsoft’s security and identity technologies are becoming government customers’ cloud technology tools of choice – not only to meet the high mission demanded in the work that our government customers do every day, but to do so with the highest focus on security.  We have built an intelligent security graph to better protect all endpoints and better detect attacks and accelerate response as threats continue to evolve.  Combining our vast intelligence resources and tools is helping to create and promote more secure computing infrastructures and safer digital environments around the world.

Government customers can continue to take action on their side – to improve their security posture today by moving to the cloud, adopting modern platforms and embracing comprehensive identity, security and management solutions.

If you may have missed it earlier this month, I encourage our government customers to read this blog by Bret Arsenault, Microsoft’s Chief Information Security Officer, as he details the broad and deep way that Microsoft technologies work in tandem with each other, and with solutions from the security ecosystem, to deliver a holistic, agile, security platform for today’s enterprise.