Four questions every law enforcement agency needs to ask before choosing a cloud provider
From intelligent policing with the New York Police Department’s Domain Awareness System, to body camera systems across the country, to day-to-day mobile police collaboration in San Bernardino County, cloud computing is transforming the way law enforcement agencies approach their work. Yet not all cloud providers are created equal. As law enforcement agencies embrace the cloud, they need a cloud service provider they can trust. The core of the law enforcement mission demands partners committed to meeting a full range of security and operational needs. Before entrusting your information to a cloud provider, be sure to ask the following four questions:
1. Does the cloud provider have a contractual commitment to critical compliance standards?
Microsoft takes a more rigorous approach to cloud compliance than any other enterprise cloud services provider on the market. We are the hyper-scale cloud provider that sets the standard for contractual commitments to the FBI’s Criminal Justice Information Services (CJIS) security policy requirements for federal, state, and local governments. While other cloud providers have simply stated that they’ve read and met the requirements of the CJIS security addendum, Microsoft has been continually working with federal and state regulators to address CJIS compliance, signing agreements that legally commit us to meeting these requirements.
Moreover, Microsoft complies with the requirements of the IRS 1075 Standard, used by the Internal Revenue Service to protect personal and financial information against unauthorized use, inspection, or disclosure.
Finally, Microsoft has requested a Provisional Authority to Operate certification for the Federal Risk and Authorization Management Program (FedRAMP) High, which we expect to receive within the next month. As Matt Goodrich, the director of FedRAMP’s Program Management Office, put it: “Selecting Microsoft Azure Government to participate in FedRAMP’s High Impact baseline pilot and its forthcoming Provisional Authority to Operate (P-ATO) from the FedRAMP Joint Authorization Board (JAB) are testaments to Microsoft’s ability to meet the government’s rigorous security requirements.”
2. Does the cloud provider have a proven track record of delivering enterprise-level security?
Unlike other major cloud providers, all of which are relatively new to working with enterprises, Microsoft has a quarter-century track record of delivering highly secure, compliant solutions. In 1989, we launched the first Microsoft datacenter. In 1996, we opened the Microsoft Security Response Center to advance Microsoft product security. In 2002, we started the Trustworthy Computing initiative to deliver secure, private, and reliable computing And in 2005, we introduced the Microsoft Malware Protection Center to help protect and defend our customers from malware. Microsoft’s Digital Crimes Unit partners with law enforcement agencies around the world to stop cybercrime, protect the most vulnerable members of society, and drive a safer digital world. For more than 25 years, we’ve honed and improved our security, privacy, and compliance processes, offering law enforcement customers unparalleled expertise and commitment when it comes to delivering a highly secure cloud platform.
Competitive cloud providers may have a compelling data storage solution. Or perhaps they offer cloud-based productivity. But while they may be strong in some areas, they’re inevitably weak in others. Microsoft provides all the leading-edge capabilities that customers need. Our comprehensive cloud computing platform offers cloud infrastructure as a service (IaaS), application platform as a service (PaaS), and productivity tools like Microsoft Office 365 offered as a software-as-a-service (SaaS) solution. The platform also includes Azure Active Directory, the identity and access management service used by the vast majority of today’s enterprises, which is built directly into our Microsoft Cloud for Government solution. With the full range of mission-critical capabilities included in our cloud platform, law enforcement agencies don’t need to piece together different solutions from multiple vendors. All the capabilities are already there, so police departments can obtain the greatest efficiencies for the least amount of work and expense.
4. Is the cloud platform specifically built to support your law enforcement mission?
Microsoft is the hyper-scale cloud provider delivering a separate cloud platform built specifically to meet the needs of law enforcement agencies and other government entities in the US. Unlike other cloud providers that provision a part of their commercial cloud for government customers, Microsoft Azure Government is a physical and logical network-isolated instance of Azure. That means our federal, state, and local government customers operate within a completely different cloud platform located in completely separate datacenters.
Microsoft goes to great lengths to protect these datacenters. All the hardware, applications, and information housed in Microsoft Azure Government datacenters remain in the continental US at all times. Likewise, the personnel who work in these datacenters are US citizens who must pass stringent security clearances that include fingerprint-based background checks. These datacenters are also located more than 500 miles apart, ensuring true geographic redundancy in the event of a natural disaster or cyberattack. All of this adds up to the highest level of security, designed to meet rigorous law enforcement demands.
By choosing a cloud service provider dedicated to their mission, law enforcement agencies can reap the full benefits of hyper scale computing, while improving the security of their data. To learn more, please see our Microsoft Azure Government Overview webpage or ask a question here. or Also visit www.microsoft.com/lawenforcement or request a trial: Azure Government Trial, Office 365 Government Trial.