Story image

Microsoft officially awarded with “Protected” data certification

03 Apr 18

Microsoft has officially been awarded protected level certification for Microsoft Azure and Office 365, marking the tech giant as the first hyperscale cloud provider to attain certification for protected data in Australia.

25 of Microsoft Azure services and 10 Office 365 services have received the certification from the Australian Signals Directorate (ASD), an achievement the company says will accelerate the opportunity for all levels of Government and National Critical Infrastructure to advance their use of secure cloud computing.

The announcement comes off the back of the company officially launching its two new Azure regions - known as Azure Australia Central - this morning, in partnership with Canberra Data Centres (CDC). 

Microsoft says obtaining protected level certification creates a clear path for Government agencies to host higher classified data sets in Microsoft cloud services and will accelerate the ability for Commonwealth, State and Territory Governments to adopt cloud with an additional degree of confidence. 

Microsoft Australia managing director Steven Worrall says, “This injects new opportunities for public sector innovation, transformation and service agility thanks to the range of sophisticated Azure services already available and certified. 

“Office 365 will support the Australian government’s ambitions to streamline government processes and digitally transform public sector workplaces.  At the same time, agencies can avail themselves of the mature and open ecosystem of partners and developers who build on the Azure cloud.”

Microsoft currently has unclassified DLM certification for 40 Azure services and 10 Office 365 services.

Within those services, 35 were formally assessed for Protected Certification and have now been formally certified by the ASD for inclusion on the Certified Cloud Services List (CCSL). 

Minister for Law Enforcement and Cyber Security Angus Taylor said awarding the certification to Microsoft will accelerate the ability for Commonwealth, State and Territory Governments to adopt cloud technology.

“It has never been more important for government and Australian enterprises to strategically manage cyber security risks,” Minister Taylor says.

“Australia is under increasing cyber security threat and as government and critical infrastructure innovate and transform, it is imperative that we remove risk in our existing systems and use modern, secure cloud technology.

“Awarding Microsoft the Protected Certification reflects the Turnbull Government’s commitment to prioritise and deliver secure cloud services, ensuring a very high level of security for Australians.

“The Australian Government welcomes Microsoft’s investment in the Australian public sector as well as an initiative to deliver cloud computing skills to an additional 5,000 employees by 2020.”

The security and management of Government data is directed by the Protective Security Policy Framework (PSPF) and Information Security Manual (ISM) which provide mandatory guidance to ensure agencies remain compliant.

The security controls required for Protected Certification of Azure and Office 365 have been implemented in all Australian regions where the Microsoft cloud is available: Sydney, Melbourne and now Canberra. 

The Azure Central regions offer some unique additional capabilities for connectivity, resilience and hybrid flexibility, which Microsoft says provides further assurance to government and national critical infrastructure customers with mission-critical needs.  

Microsoft Azure engineering lead for A/NZ James Kavanagh says, “We embarked on this journey in 2014 with the first assessment of Microsoft Azure for compliance with Australian government security controls. 

“In the four years since, we’ve engineered new security innovations into our software, we’ve enhanced our personnel and physical security right across Australia, we’ve established new relationships and capabilities for cybersecurity and most recently we’ve opened new cloud regions dedicated to government and national critical infrastructure.

“Most importantly, we’ve done all of this in partnership with the Australian Government towards one shared goal – to ensure that government and critical infrastructure sectors of Australia have access to the best innovation, with absolute confidence in the rigorous level of security and privacy that Australians expect,” Kavanagh concludes.

5G will propel RAN market to $160b in near future
5G growth is expected to advance at a faster pace than LTE, particularly within the APAC region.
LG takes home over 140 awards at CES
Including Engadget Best of CES Award in TV category for fifth consecutive year for the LG Signature OLED TV R.
Expert comment: Google fined US$57mil for GDPR breaches
The committee examining the breaches found two types of breaches of the GDPR.
McAfee customer choice for Cloud Access Security
“This is the second time that McAfee has been named... and we believe this demonstrates our ability to stay ahead of the pack.”
The message behind the Apple/Samsung iTunes partnership
Futuresource has released its perspective on what Samsung Smart TV’s new iTunes Movies and TV Show app means for Apple as a company.
Cybercrime could cost companies US$5.2tril over next five years – survey
New research from Accenture found that only 30% of organisations are very confident in internet security.
How healthcare can prepare for My Health Record roll-out - Proofpoint
Australia’s healthcare sector is the continent’s biggest cybercrime target, according to a July report from the Australian Information Commissioner.
Achieving cyber resilience in the telco industry - Accenture
Whether hackers are motivated by greed, or a curiosity to assess a telco’s weaknesses; the interconnected nature of the industry places it in a position of increased threat