Microsoft has released a new program in support of its Azure Government offering to help government agencies and third-party providers comply with regulations when they use the service.
The initial release of Azure Blueprint program is designed to help information system security officers define responsibilities for each security control in a cloud ecosystem, Microsoft’s Nate Johnson wrote in a blog post published Wednesday.
Azure Blueprint contains documentation to help customers put on record their security control implementations as part of their individual agencies’Â Authorization to Operate processes.
Program managers, ISSO and other security personnel use the Federal Risk and Authorization Management Program Moderate baseline Customer Responsibility Matrix and system security plan template to document system-specific security controls within Azure Cloud.
Azure Government holds a provisional authority-to-operate based on Microsoft’s internal security processes and customers use the authorization to minimize security responsibilities in a cloud environment.