Microsoft Azure Cloud Security, Compliance and Transparency

Something that is generally forgotten during times of migration and transition is cloud security and who is responsible for what.

The first step on any journey to any cloud is security and compliance. Microsoft meets a vast array of industry and country specific certifications including the ISO 27001, and specifically (for Australians) the Australian IRAP certification. A first point of call for discovery when considering designs on Azure is the Microsoft Azure trust center. There is a vast amount of information on specific items such as: Compliance, security, privacy, and transparency which is a very important item.

2

Microsoft has a disclosure site where they release information on their transparency to the authorities.

In Australia in the last year there have been 2,226 requests for information from the authorities. Do you know how many requests resulted in disclosing content? Zero. Generally on most occasions Microsoft simply gives subscriber data saying go talk to the customer. This is how most requests are handled.

1

As a consumer of cloud services it is important to know where Microsoft’s responsibility stops, and it becomes the customer or the partners responsibility. Microsoft is responsible for the foundation layer; physical and virtual security and segregation of your services.

  • Application security
  • Operating System Security
  • Data Security

3

At Melbourne IT (my employer) we have partners such as Trend Micro who can help fill this gap. Trend Micro has a purpose built deep security product which can manage multiple clouds and has multiple security features. There are multiple ways to purchase your license, with the easiest being per server per month/minute.

4

profile pic

Aaron Whittaker @aaronw2003

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s