Microsoft’s Azure cloud platform has become the first public cloud service in Australia to pass an Australian Signals Directorate (ASD) Industry Security Registered Assessors Program (IRAP) compliance assessment.
The IRAP assessment is set out in the Australian Government Information Security Manual and Protective Security Policy Framework. It certifies an industry provider has appropriate and effective security controls in place for the processing, storage and transmission of unclassified sensitive data.
“As the Government relies heavily on information and communication technology to deliver its services, agencies must actively manage security risks associated with electronic data transmission, aggregation and storage,” the official government website states.
These include areas such as intrusion detection, cryptography, cross domain security, network security, access control and information security risk management.
Microsoft’s IRAP certification covers its Australian-based datacentres, as well as its Global Foundation Services infrastructure (its global network and physical infrastructure) and a number of core Azure technologies.
The Azure technologies covered by the Letter of Compliance include Virtual Machines, Cloud Services, Storage Services, Virtual Network, Azure SQL DB and Azure Active Directory.