Microsoft Azure Cloud Platform Security
Microsoft™ understands that for you to realize the benefits of the cloud, you must be willing to entrust Microsoft™ cloud provider with one of the most valuable assets—Microsoft™ data. If […]
Microsoft™ understands that for you to realize the benefits of the cloud, you must be willing to entrust Microsoft™ cloud provider with one of the most valuable assets—Microsoft™ data. If […]

Microsoft™ understands that for you to realize the benefits of the cloud, you must be willing to entrust Microsoft™ cloud provider with one of the most valuable assets—Microsoft™ data. If you invest in a cloud service, you must be able to trust that customer data is safe, that the privacy of Microsoft™ data is protected, and that you retain ownership of and control over Microsoft™ data—that it will only be used in a way that is consistent with Microsoft’s™ expectations. Microsoft™ strives to earn trust in Microsoft Azure™. Microsoft’s™ long experience running online services has involved extensive investment in foundational technology that builds security and privacy into the development process. Over time, Microsoft™ developed leading security measures and privacy policies, and participated in international compliance programs with independent verification. For data at rest, Microsoft Azure™ offers a wide range of encryption capabilities up to AES—256, giving you the flexibility to choose the solution that best meets needs. Managing threats to protect against online threats, Microsoft Azure™ offers Microsoft Antimalware™ for cloud services and virtual machines.
Microsoft Azure™ meets a broad set of international and industry—specific compliance standards, such as ISO 27001, HIPAA, FedRAMP, SOC 1 and SOC 2, as well as country specific standards like Australia IRAP, UK G—Cloud, and Singapore MTCS. Rigorous third—party audits, such as by the British Standards Institute, verify Azure’s adherence to the strict security controls these standards mandate. As part of Microsoft’s™ commitment to transparency, you can verify Microsoft™ implementation of many security controls by requesting audit results from the certifying third parties. When Microsoft™ verifies that their services meet compliance standards and demonstrates how we achieve compliance, that makes it easier for customers to secure compliance for the infrastructure and applications they run in Microsoft Azure™. Securing networks—Microsoft Azure™ provides the infrastructure necessary to securely connect virtual machines to one another and to connect on premises data centers with Microsoft Azure™ VMs. Microsoft Azure™ blocks unauthorized traffic to and within Microsoft™ data centers, using a variety of technologies. Microsoft Azure Virtual Network™ extends Microsoft™ on premises network to the cloud through a site—to—site VPN.
Microsoft™ makes security and privacy a priority at every step, from code development through incident response. Security and privacy are built into the Microsoft Azure™ platform, beginning with the Security Development Life—cycle (SDL) that addresses security at every development phase from initial planning to launch, and Azure is continually updated to make it even more secure. Microsoft Operational Security Assurance™ (Microsoft OSA™) builds on SDL knowledge and processes to provide a framework that helps ensure secure operations throughout the life—cycle of cloud based services. Microsoft Azure Security Center™ makes Microsoft Azure™ the only public cloud platform to offer continuous security health monitoring. Your IT infrastructure is more dynamic than ever, with on premises data centers, cloud and hybrid environments, and an ever—changing threat landscape. Without a clear line of sight into your entire infrastructure, how can you protect your data and applications from compromise? Cloud network security managed services gives you a single solution to monitor the security of your infrastructure at the network, system, and application layer, whether it’s on—premises, in the cloud, or hybrid.
Microsoft™ has leveraged its decades long experience building enterprise software and running some of the world’s largest online services to create a robust set of security technologies and practices. These help ensure that Microsoft Azure™ infrastructure is resilient to attack, safeguards user access to the Microsoft Azure™ environment, and helps keep customer data secure through encrypted communications as well as threat management and mitigation practices, including regular penetration testing. Managing and controlling identity and user access to Microsoft™ environments, data, and applications by federating user identities to Microsoft Azure Active Directory™ and enabling multi factor authentication for more secure sign in. Encrypting communications and operation processes for data in transit, Microsoft Azure™ uses industry standard transport protocols between user devices and Microsoft™ data centers, and within data centers themselves. Microsoft™ employs intrusion detection, distributed denial of service (DDoS) attack prevention, penetration testing, and data analytics and machine learning tools to help mitigate threats to the Microsoft Azure™ platform.
For more than 20 years, Microsoft™ has been a leader in creating robust online solutions designed to protect the privacy of Microsoft™ customers. Microsoft™ time tested approach to privacy and data protection is grounded in Microsoft™ commitment to organizations’ ownership of and control over the collection, use, and distribution of their information. Microsoft™ strives to be transparent in Microsoft™ privacy practices, offer you meaningful privacy choices, and responsibly manage the data we store and process. One measure of Microsoft™ commitment to the privacy of customer data is Microsoft™ adoption of the world’s first code of practice for cloud privacy, ISO/IEC 27018. You own Microsoft™ own data. With Microsoft Azure™, you have ownership of customer data—that is, all data, including text, sound, video, or image files and software, that are provided to Microsoft™ by you, or on Microsoft™ behalf, through the use of Microsoft Azure™. Microsoft™ will not use customer data or derive information from it for advertising or data mining. You are in control of Microsoft™ data. Because the customer data you host on Microsoft Azure™ belongs to you, you have control over where it is stored and how it is securely accessed, maintained and deleted.
Microsoft Azure™ is built on the premise that for you to control your own customer data in the cloud, you require visibility into that data. You must know where it is stored. You must also know, through clearly stated and readily available policies and procedures, how we help secure Microsoft™ customer data, who can access it, and under what circumstances. And don’t take Microsoft™ word for it, you can review the third—party audits and certifications that confirm that Microsoft™ meets the standards Microsoft™ sets. You can access Microsoft™ customer data at any time and for any reason without assistance from Microsoft™. How Microsoft™ responds to government and law enforcement requests to access data. When a government wants customer data—including for national security purposes—it must follow the applicable legal process, serving us with a Microsoft™ to order for content or a subpoena for account information. If compelled to disclose customer data, Microsoft™ will notify you and provide a copy of the demand, unless legally prohibited. Microsoft™ does not provide any government with direct access to customer data except as you direct or where required by law.
You must be logged in to post a comment.