We are excited to announce that Azure Databricks has received a Provisional Authorization (PA) by the Defense Information Systems Agency (DISA) at Impact Level 5 (IL5), as published in the Department of Defense Cloud Computing Security Requirements Guide (DoD CC SRG). The authorization closely follows our FedRAMP High authorization and further validates Azure Databricks security and compliance for higher sensitivity Controlled Unclassified Information (CUI), mission-critical information and national security systems across a wide variety of data analytics and AI use cases.
Federal, state and local U.S. government agencies such as the U.S. Department of Veterans Affairs (VA), Centers for Medicare and Medicaid Services (CMS), Department of Transportation (DOT), the City of Spokane and DC Water trust Azure Databricks for their critical data and artificial intelligence (AI) needs. Databricks maintains the highest level of data security by incorporating industry-leading best practices into our cybersecurity program. The DoD IL5 provisional authorization provides customers the assurance that Azure Databricks meets U.S. Department of Defense security and compliance requirements to support sensitive analytics and data science use cases.
"Numerous federal agencies are looking to build cloud data lakes and leverage Delta Lake for a complete and consistent view of all their data," said Kevin Davis, VP, Public Sector at Databricks. "The power of data and AI are being used to dramatically enhance public services, lower costs and improve quality of life for citizens. Using Azure Databricks, government agencies have aggregated hundreds of data sources to improve citizen outreach, automated processing of hourly utility infrastructure IoT data for predictive maintenance, deployed machine learning (ML) models to predict patient needs and built dashboards to predict transportation needs and optimize logistics. DoD IL5 provisional authorization for Azure Databricks further enables federal agencies to analyze all of their data for improved decision making and more accurate predictions."
With this provisional authorization, the Pentagon, federal agencies and contractors can now use Azure Databricks to process the most sensitive unclassified, mission-critical and national security data in cloud computing environments, including data related to national security and the protection of life and financial assets. Azure Databricks enables organizations across industries to accelerate innovation while minimizing risk when working with highly sensitive private sector and public sector data.
See an overview of Microsoft Azure compliance offerings and the list of Azure services in FedRAMP and DoD CC SRG audit scope. Learn more about Impact Level 5 (IL5) by reading Microsoft Documentation.
"Azure Databricks helps customers address security and compliance requirements for regulated public sector use cases, such as immunization, chronic disease prevention, transportation, weather, and financial and economic risk analytics," said David Cook, Chief Information Security Officer at Databricks. "The DoD IL5 provisional authorization validates Azure Databricks security controls and monitoring in accordance with the DoD CC SRG. We are pleased to demonstrate our commitment to security and compliance with the DoD IL5 provisional authorization on Microsoft Azure Government."
Impact Level 5 (IL5) provisional authorization enables government agencies to securely use cloud services to analyze sensitive data such as insurance statements, financial records and healthcare claims to improve processing times, lower operating costs and reduce claims fraud. For example, government agencies and their vendors can analyze large geospatial datasets from GPS satellites, cell towers, ships and autonomous platforms for marine mammal and fish population assessments, highway construction, disaster relief, and population health.
View the Azure Databricks DoD Impact Level 5 (IL5) provisional authorization and other security compliance documentation
You can view related authorizations (visit the Azure compliance documentation) and details on all Microsoft Azure services, including Azure Databricks at the Microsoft Azure compliance offerings documentation and the list of Azure services in FedRAMP and DoD CC SRG audit scope. Learn more about DoD IL5 by viewing the Azure DoD IL5 provisional authorization documentation and the Azure Databricks isolation guidelines for Impact Level 5 workloads.
As always, we welcome your feedback and questions and commit to helping customers achieve and maintain the highest standard of security and compliance. Please feel free to reach out to the team through Microsoft Azure Support.
Learn more by attending the Azure Databricks Government Forum, as well as future Azure Databricks events. Follow us on Twitter and LinkedIn for more Azure Databricks security and compliance news, customer highlights, and new feature announcements.