Microsoft announced that "Microsoft's cloud infrastructure has achieved another milestone in receiving its Federal Information Security Management Act of 2002 (FISMA) Authorization to Operate (ATO)."
Meeting the requirements of FISMA is an important security requirement for US Federal agencies. The ATO was issued to Microsoft's Global Foundation Services organization. It covers Microsoft's cloud infrastructure that provides a trustworthy foundation for the company's cloud services, including Exchange Online and SharePoint Online, which're currently in FISMA certification and accreditation process.
"This ATO represents the government's reliance on our security processes and covers Microsoft's General Support System and follows NIST Special Publication 800-53 Revision 3 "Recommended Security Controls for Federal Information Systems and Organizations."
"Government organizations require specialized compliance and regulatory processes. Operating under FISMA requires transparency and frequent security reporting to our US Federal customers. And we're applying these specialized processes across our infrastructure to even further enhance our Online Services Security & Compliance program. The company has been designing and testing our cloud apps and infrastructure for over a decade to continually address emerging, internationally-recognized standards. We're focused on excelling in demonstrating our capabilities and compliance with these laws and with our stringent internal security and privacy policies. As a result, all our customers can benefit from highly-focused testing and monitoring, automated patch delivery, cost-saving economies of scale, and ongoing security improvements," stated Microosft.
More information about FISMA is available at the National Institute of Standards and Technology here.
[tags]fisma,gfs,global foundation services,compliance,online services,cloud security,cloud services[/tags]