Microsoft unveils a locked-down, hosted app bundle for U.S. government customers

Microsoft is rolling out a new version of its Business Productivity Online Suite (BPOS) tailored specifically for federal government users, the company announced on February 24 during the kick-off of its annual CIO Summit in Redmond.

The new bundle is known as Business Productivity Online Suite Federal. No, this is not related to the still-unannounced BPOS Lite offering I wrote about recently. This is something aimed at government contractors "and others that require the highest levels of security features and protocols," according to the Softies. The new Federal offering will be sold directly by Microsoft, as well as by its Large Account Resellers and federal resellers.

BPOS Federal is a security-enhanced version of the current BPOS product. BPOS is a Microsoft-hosted collection of Exchange Online, SharePoint Online, Communications Online and Live Meeting. The Federal version is hosted on "separate, dedicated infrastructure in secured facilities," not in the existing datacenters where Microsoft currently hosts BPOS. (BPOS is a cloud offering, but isn't currently hosted on Windows Azure. Microsoft officials have said the goal is to move BPOS to Azure, but haven't offered a timetable for that.)

"Physical access to those (BPOS Federal) systems is limited by biometric access controls to a small number of individuals who, in compliance with International Traffic in Arms Regulations (ITAR), must be citizens of the United States who have undergone rigorous background checks, including fingerprinting," according to the Microsoft press release.

Microsoft also is adding further security and compliance support to its existing BPOS bundle as well as the newly announced Federal one, company officials said today.

On the list of standards and certifications that "standard" BPOS will meet within six months: International Organization for Standardization (ISO) 27001, Statement on Auditing Standards (SAS) 70 Type I and Type II, Health Insurance Portability and Accountability Act (HIPAA), Family Educational Rights and Privacy Act (FERPA) Title 21 CFR Part 11 of the Code of Federal Regulations. The Federal version of BPOS also will have Federal Information Processing Standard (FIPS) 140-2, and Trusted Internet Connections (TIC) compliance certification. (Note: I updated this section to clarify, based on this Microsoft Online Services Team blog post.)

According to Microsoft, more than 500 U.S. state and local governments are using its Online Services (BPOS, various standalone Microsoft Online offerings, Deskless Worker offerings and more).

In other news the Redmondians are unveiling at the CIO Summit today, Microsoft is adding identity federation services to its Live@Edu hosted offering for students and academics. (Update: Support is coming for the SAML and Shiboleth single sign-on services -- support for both of which will be added at some point this year to BPOS, too, the Softies said.) Microsoft officials said in the past six months more than 10,000 schools have licensed Live@edu. Late last year, Microsoft added SharePoint Online to its Live@Edu bundle.

Just yesterday, during the Goldman Sachs Technology & Internet Conference, Microsoft President of Server and Tools Bob Muglia mentioned that the public sector has been the strongest sector, by far, for Microsoft in terms of enterprise/server product sales. The new BPOS bundle seems to be a reflection of this fact.