The key security controls, and the effort to create them.
The Digital Transformation Agency’s pilot of a protected-level Office 365 environment confirms Microsoft’s cloud certification was warranted and that security concerns can be mitigated.
The pilot – announced last week – is set to open the floodgates on protected-level uses of Office 365 and Azure, backed by a raft of security controls and blueprints nutted out by Microsoft, its partners and early adopters like DTA over the past couple of months.
“A lot of agencies were waiting on one agency to get it done so they could say ‘well, they’re doing it [so we can, too]’,” DQA chief technology officer and director of federal services Jean-Pierre Simonis told iTnews.
DQA – a Microsoft gold cloud platform partner – worked closely with DTA to put in place security controls to manage risks with shifting its protected-level communications into Office 365.
Together with a handful of other mostly Canberra-based Microsoft partners, they have largely come up with the security mitigations that will allow agencies to move fast into Microsoft public cloud.
A large number of agencies are likely to make imminent moves or have kicked off pilots of their own, buoyed by the existence of templates for how to approach it.