Does Azure commercial follow FEDRAMP guidelines?

This is the first question that will always be asked if you are setting up Azure for a client that works with government.

Both Azure and Azure Government uses same security controls. They are accessed and authorized at the FedRAMP high impact level. Azure Government provides an additional layer of protection to customers to screened US persons. This is used to store and process data subject to US export control regulation’s such as EAR, ITAR, and DoE 10 CFR Part 810.

Refer to this Microsoft article for details;

https://azure.microsoft.com/en-us/blog/all-us-azure-regions-now-approved-for-fedramp-high-impact-level/

Take time to see which environments meet your needs. Many people are surprised at how robust the Azure [commercial] compliance space is. https://www.microsoft.com/en-us/trustcenter/compliance/complianceofferings

Resources;

Choosing the right Azure Environment – Should I use the Public or the Government Cloud?

Add to favorites

Spread the love

Author: Shahzad Khan

Software developer / Architect View all posts by Shahzad Khan