Eh, I don't see this becoming a successful offering...
What with the whole promotional message being ""I could tell you about Azure Government Secret, but I'd have to kill you." That stuff tends to limit repeat customers.
Microsoft has set up two new Azure cloud regions in the US – dubbed Azure Government Secret regions – to store data involving American national security. The services are in private preview, and are pending official government accreditation. The Windows giant hopes the pair of regions will obtain a Dept of Defense Impact Level …
... and the company running it fails and goes bankrupt.
And remember, even companies that were once big and successful can fail and go bankrupt.
Or they maybe thing they are also buying an insurance, as government will need to bail them out once they actually control government and citizen data, most of them having a very long storage and availability needs?
The Azure Government Secret data centers are so secret Microsoft doesn't disclose their location, only stating on Thursday that they are located more than 500 miles apart.
Sure, and since we cannot check this we will, for risk management purposes, assume they're next door to each other, interconnected with a bit of wet string. Sorry sunshine, what I don't know is tagged worst case as a risk - that's doing the job properly.
Then again, if you're serious about managing security risks you wouldn't use anything coming from Redmond in the first place..
Then again, if you're serious about managing security risks you wouldn't use anything coming from Redmond in the first place..
It is quite easy to secure a computer with a Microsoft OS and other software on it. You first start by unplugging the display, the keyboard, the mouse, other peripherals, the network cable and finally the power cord. After that, you put it in a vault, close and lock the door of that vault and as the very last thing you melt down the key (donate it to Forged in Fire ;) ).
So, basically they've setup a "secret" zone, then go and have a press release with the name and the fact it exists.
Kinda opposite of a secret really.
Not to mention why on earth would you want information deemed to be critical for National Security on the internet. If it were me, I'd setup an entirely seperate network using a non-standard communication method.
"Then why virtualise in the first place ?"
I would imagine to reduce the required number of servers for HA. Along with provisioning time to get a server back up and running in case of hardware failure. If its a VM, in case of hardware failure, just start the VM on other hardware, dedicated to it. If it wasn't a VM, it would require automated provisioning of new hardware (which they should have) but that would take longer to get back up than starting a VM.
The alternative would be to have everything boot directly off block storage, but then the hardware would need to be identical to ensure no problems.