Simplify management of Federal Tax Information (FTI) with Azure Government and the new Azure Blueprint for IRS 1075
Contributors include Meladie Espiritu, Senior Program Manager, Azure Global and Abhijeet Jhala (AJ), Director Modern Government Partner Solutions, State Local Government
Disclaimer: Customers are wholly responsible for ensuring their own compliance with all applicable laws and regulations. Information provided in this post does not constitute legal advice, and customers should consult their legal advisors for any questions regarding regulatory compliance.
In today’s digital and data economy, revenue and tax collection agencies face modern challenges including aging, costly, and inflexible legacy infrastructure (often without proven Business Continuity/Disaster Recovery (BCDR) capabilities), an expanding volume and cost of managing data, and complexity in auditing and meeting IRS 1075 compliance requirements.
A modern infrastructure for FTI workloads
Azure Government offers a modern infrastructure to host Federal Tax Information (FTI) and State Personally Identifiable Information (PII) workloads – one that allows revenue agencies to modernize their legacy infrastructure while staying highly secured, compliant, well-managed, and cost-effective.
Azure offers unique Hybrid Cloud tools to help revenue agencies manage their on-premises workloads while taking advantage of Azure to innovate – all while seamlessly securing and governing both environments. Azure Arc helps agencies govern and manage on-premises resources and cloud environments with single control plane. For agencies wanting public cloud benefits while staying on-premises, the Azure Stack portfolio offers an extension of Azure to build, run, and manage hybrid data centers.
Native DR for high availability and resilience of FTI Data
Revenue agencies have traditionally invested a lot of money for existing data and management tools and a lot of time to integrate disparate systems. Moving these legacy systems with several integration points to the cloud can be challenging. In such a diverse multi-vendor, multi-technology on-premises world, Microsoft recommends taking a comprehensive look at dependencies and simplify agencies efforts to create a migration/replication path. Azure offers a comprehensive partner/3rd party ecosystem to migrate revenue agencies to the cloud while maintaining dependencies and legacy integrations between systems.
Azure Architecture Center is a guide to designing scalable, resilient Azure architecture leveraging proven practices. Below is a sample reference architecture for standing up a multi-vendor hybrid disaster recovery (DR) environment for FTI workloads on Azure Government:
Azure Site Recovery, a native Disaster Recovery as a Service (DRaaS) offering, allows revenue agencies to keep their systems up – even during an on-premises outage. Microsoft has been recognized as a leader in DRaaS based on completeness of vision and ability to executive by Gartner in 2018 Magic Quadrant.
Data warehousing for integration and flexibility
Most revenue agencies have spent a lot of time standing up data warehousing environments. These legacy data warehousing environments are not only expensive but also inflexible. Moving FTI data (relational and non-relational) to Azure and standing up a modern data warehouse enables tax agencies to derive more insights from their data more rapidly.
Azure Synapse Analytics combines the power of Data Warehousing and Big Data Analytics and removes the friction from agencies/customers trying to sort structured and un-structured data before migrating data to the cloud as it brings these two worlds of relational and non-relational into a single analytics platform.
Simplifying compliance with the Azure Blueprint for IRS 1075
The Internal Revenue Service Publication 1075 (IRS 1075) publishes Internal Revenue Service Publication 1075 (IRS 1075), providing guidance for US government agencies and agents that access federal tax information (FTI) to ensure that they use policies, practices, and controls to protect its confidentiality.
Compliance with standards such as IRS 1075 is increasingly important for all types of organizations. Azure customers, particularly those in regulated industries, have expressed a strong interest in compliance blueprints to help ease the burden of their compliance obligations.
Our recently released Azure Blueprint for IRS 1075 is now available in Azure Government, making it easy for revenue agencies to govern their resources in accordance with compliance requirements. The IRS 1075 blueprint maps a core set of Azure Policy definitions to specific IRS 1075 controls. For US government organizations and others with compliance requirements based on IRS 1075, this blueprint can help you proactively manage and monitor compliance of Azure resources.
How to use the Azure Blueprint for IRS 1075
The IRS 1075 blueprint can be assigned from within the Azure Blueprints service, a free service that helps customers define a repeatable set of Azure resources that implement and adhere to standards, patterns, and requirements.
To get started: (1) sign into the Azure portal, (2) search for Blueprints, (3) create a new blueprint, and (4) select the IRS 1075 blueprint template.
The IRS 1075 blueprint provides governance guardrails using Azure Policy to help customers assess specific IRS 1075 controls. The blueprint includes a core set of policies that can be assigned to any Azure architecture that must implement these controls. When assigned, Azure resources are evaluated by Azure Policy for non-compliance with assigned policies. A control mapping provides details on policies included within this blueprint and how these policies address various IRS 1075 controls.
Learn more about the IRS 1075 blueprint here: https://aka.ms/irs1075-blueprint.