Azure Databricks Achieves FedRAMP High Authorization on Microsoft Azure Government (MAG)
We are excited to announce that Azure Databricks is now Federal Risk and Authorization Management Program (FedRAMP) authorized at the High Impact level, enabling new data and AI use cases across public sector on the dedicated Microsoft Azure Government (MAG) cloud.
Azure Databricks is trusted by federal, state and local government agencies, such as the U.S. Department of Veterans Affairs (VA), Centers for Medicare and Medicaid Services (CMS), Department of Transportation (DOT), and DC Water, for their critical data and AI needs. Databricks maintains the highest level of data security by incorporating industry-leading best practices into our security program. The FedRAMP High authorization provides customers the assurance that Azure Databricks meets U.S. Government security and compliance requirements to support their sensitive analytics and data science use cases.
FedRAMP has seen rapid adoption since it was introduced in 2011 by the Office of Management and Budget (OMB) to help accelerate adoption of secure cloud computing services. FedRAMP defines three primary classifications of data handled by local, state and federal agencies - Low, Moderate, and High Impact levels. Azure Databricks meets the FedRAMP requirements for the highest authorization level. FedRAMP High is a gold standard among public sector, enterprise and industry vertical organizations who are modernizing their approach to information security and privacy. FedRAMP High authorization validates Azure Databricks security controls and monitoring for NIST 800-53 at the high impact level.
"Azure Databricks helps customers address security and compliance requirements for regulated public sector use cases, such as immunization, chronic disease prevention, transportation, weather, and financial and economic risk analytics," said David Cook, Chief Information Security Officer at Databricks. "The FedRAMP High authorization validates Azure Databricks security controls and monitoring for NIST 800-53 at the high impact level. We are pleased to demonstrate our commitment to security and compliance with the FedRAMP High authorization on Microsoft Azure Government."
FedRAMP High authorization enables government agencies to analyze sensitive data such as insurance statements, financial records and healthcare claims to improve processing times, lower operating costs, and reduce claims fraud. For example, government agencies and their vendors can analyze large geospatial datasets from GPS satellites, cell towers, ships and autonomous platforms for marine mammal and fish population assessments, highway construction, disaster relief, and population health.
US Government Certification | Azure Databricks on Azure Government (MAG) |
CJIS |
|
CNSSI 1253 |
|
DFARS |
|
DoD DISA SRG Level 2 |
|
DoE 10 CFR Part 810 |
|
EAR |
|
FedRAMP High |
|
IRS 1075 |
|
ITAR |
|
MARS-E (US) |
|
NERC |
|
NIST Cybersecurity Framework |
|
NIST SP 800-171 |
|
View the Azure Databricks FedRAMP High authorization assessment and other security compliance documentation
You can view and download the Azure Databricks FedRAMP High authorization and related authorizations by visiting the Microsoft Trust Center. You can view and download details on all Microsoft Azure services, including Azure Databricks at the Microsoft Azure compliance offerings documentation and view the list of Azure services by FedRAMP and DoD CC SRG audit scope and directly on the FedRAMP Marketplace. Learn more about FedRAMP by viewing the Microsoft FedRAMP documentation.
As always, we welcome your feedback and questions and commit to helping customers achieve and maintain the highest standard of security and compliance. Please feel free to reach out to the team through Microsoft Azure Support.
Learn more about this announcement by attending the Azure Databricks Government Forum and other Azure Databricks events and follow us on Twitter, LinkedIn, and Facebook for more Azure Databricks security and compliance news, customer highlights, and new feature announcements.