Azure Government is the first commercial cloud service to be awarded an Information Impact Level 5 DoD Provisional Authorization by the Defense Information Systems Agency.
The U.S. Department of Defense has granted accreditation for Azure and Office 365 to handle controlled unclassified information, marking yet another significant step in Microsoft's commitment to being the most trusted cloud for government, writes Tom Keane.
"This provisional authorization allows all U.S. Department of Defense (DoD) customers to leverage Azure Government for the most sensitive controlled unclassified information (CUI), including CUI of National Security Systems," Keane says.
Microsoft Cloud team published a guide to tip small and midsize businesses choosing a cloud service provider (CSPs).
Cloud services providers are now becoming more responsive to compliance requirements, and new guidelines are specifying safe uses of the cloud. "When researching CSPs, look for one with a standards-based cloud environment and a security program that meet the same regulatory policies and procedures you must comply with," writes the team. Be sure to "check the contract and service level agreement language carefully to determine how the provider meets cloud compliance requirements."
Ideally, the CSP should be able to validate that they meet compliance requirements or standards, and can and will prove it in an audit. "Your CSP should have a security professional on staff who's responsible for matching the CSP's offerings with PCI DSS, HIPAA and other regulatory requirements," writes the team.
- Where in the world is the data center? Be sure to ask prospective CSPs for documentation that shows the location of their servers, which should be in the United States, according to many regulations and standards.
- Access control is key. I's crucial for a CSP to have sound access controls in place and to implement them properly. Therefore, ask prospective CSPs if they are willing and able to prove that they implement separation of duties for administrative functions, can provide documentation showing which users had access to a system and when, and what each user could access.
- Encrypt data at rest and in motion. If the CSP applies encryption, find out what type of encryption they use, and how and when it's applied. Don't assume that the CSP is fully responsible for data encryption, though.
- Your CSP, your partner. It's worth your time to learn about the CSP's security processes, incident response and disaster recovery procedures, how issues are escalated, how they handle log files and the like.
- Moving on. Application design, monitoring, incident response and disaster recovery are important considerations as well. Be sure to address them with any prospective CSP, writes the team.
The SAP Accounts Receivable solution template, provides an end to end solution that contains AR data and reports sourced from a SAP system is available today.
The new SAP template includes four reports, which are designed for a financial comptroller or other similar financial manager, who needs to constantly be aware of their AR situation and provides powerful insights into accounts receivable by customer, document, and age, writes the BI team.
Like all other, this solution template can also be implemented in just a few clicks. Check out the solution templates page to install here, and see a sample report and a video below: