Microsoft has set up two new Azure cloud regions in the US – dubbed Azure Government Secret regions – to store data involving American national security. The services are in private preview, and are pending official government accreditation.
The Windows giant hopes the pair of regions will obtain a Dept of Defense Impact Level 6 badge, which would allow it to store and process information classified as secret. It is also looking for Intelligence Community Directive (ICD 503) accreditation.
Each region consists of at least two availability zones, and each availability zone lives on its own individual server farm.
The Azure Government Secret data centers are so secret Microsoft doesn't disclose their location, only stating on Thursday that they are located more than 500 miles apart.
The new regions join Microsoft's six existing Azure Government regions, which have now been certified as IL5, which means they are suitable for controlled but unclassified information.
"With our focus on innovating to meet the needs of our mission-critical customers, we continue to provide more PaaS features and services to the DoD at IL5 than any other cloud provider," said Lily Kim, general manager for Azure.
The tech titan claims its cloud services are used by nearly 10 million people toiling for Uncle Sam, across more than 7,000 government agencies.
So what makes a data center fit for restricted and secret government info? Microsoft said it's down to secure, native connections to classified networks, hardware encryption and storage of cryptographic keys, storage and compute isolation capability – with every virtual machine sitting on its own physical node – and personnel consisting of security-cleared US citizens, among other things.
The announcement this week comes at a time when the US government is working hard to consolidate and modernize its IT footprint, in line with the requirements of the Federal Information Technology Acquisition Reform Act (FITARA) and its extension, the Data Center Optimization Initiative (DCOI).
Since 2014, these initiatives have helped 24 federal agencies close 6,250 data centers - although the definition of a data center, in this case, is any room with at least one server in it.
More recently, the 2018 'Federal Cloud Computing Strategy — Cloud Smart', the first cloud policy update in seven years, promoted public cloud as a more than adequate alternative to on-premises data centers run by government agencies.
"To keep up with the country’s current pace of innovation, President Trump has placed a significant emphasis on modernizing the federal government," said Suzette Kent, federal CIO.
"By updating an outdated policy, Cloud Smart embraces best practices from both the federal government and the private sector, ensuring agencies have capability to leverage leading solutions to better serve agency mission, drive improved citizen services and increase cyber security."
Another cloud vendor that is competing for government secrets is AWS: Microsoft beat its competitor to the punch when it became the first hyperscale cloud vendor to obtain Impact Level 5 provisional authorization, but it was AWS that managed to open the first cloud data centers with provisional IL6 in late 2017.
Both cloud behemoths are competing for JEDI, the controversial ten-year contract to provide cloud services to the Pentagon, worth up to $10bn and designed for just one vendor. Amazon has been widely seen as the front-runner in the race, while IBM and Oracle both complained that the contract was anti-competitive; Oracle even challenged it in a federal court. ®