See all products »
Curah! curation service
Microsoft Tech Companion App
Microsoft Technical Communities
Microsoft Virtual Academy
Server and Tools Blogs
TechNet Flash Newsletter
Cloud and Datacenter
Windows Server 2012 R2
System Center 2012 R2
Microsoft SQL Server 2012 SP1
Windows 8.1 Enterprise
See all trials »
Microsoft Download Center
TechNet Evaluation Center
Microsoft Virtual Academy
Free Windows Server 2012 courses
Free Windows 8 courses
SQL Server training
MCSA: Windows 8
Windows Server Certification (MCSE)
Private Cloud Certification (MCSE)
SQL Server Certification (MCSE)
Second shot for certification
Born To Learn blog
Find technical communities in your area
For small and midsize businesses
For IT professionals
For technical support
For home users
Microsoft Premier Online
Microsoft Fix It Center
Security Bulletins & Advisories
International support solutions
Log a support ticket
Not an IT pro?
Microsoft Customer Support
Microsoft Community Forums
Roger's Security Blog
As Chief Security Advisor of Microsoft EMEA - lets share interesting security information
Chief Security Advisor
Critical Infrastructure Protection
Freedom of Speech
Securing My Infrastructure
Security Intelligence Report
Browse by Tags
Roger's Security Blog
Cloud computing providers: Clueless about security?
To me, one of the benefits of moving to the Cloud is security – obviously besides availability and costs. Recent incidents made me doubt: Amazon not only having significant downtime but in the same time losing customer data. Sony’s game network being significantly compromised. This is definitely not...
4 May 2011
Identity in the Cloud
Kim Cameron, one of our key identity architects had an interesting presentation on identity in the cloud and a corresponding interview. Both are worth looking at if you are planning to move into the direction of the cloud. Especially as it is definitely one of the key challenges: This is Kim's presentation...
25 May 2010
Office 365 Becomes First and Only Major Cloud Productivity Service to Comply With Leading EU and U.S. Standards for Data Protection and Security
A long title but this was the title of the official press statement yesterday. Compliance is always a key question in the public cloud space. Therefore it is very important for us that we now achieved three things: Office 365 is compliant with EU Model Clauses, Data Processing Agreements and ISO 27001...
16 Dec 2011
The Value of Government Clouds
We recently released a paper called The Economics of Cloud Computing for the EU Public Sector , which is actually valid for every other European country as well as it is not too narrowly focused on the EU only. Additionally there is a US-version of the paper as well. It is definitely worth reading. Andrea...
12 Nov 2010
We Need Solid and Strong Transparent Processes for the Cloud
This morning I was reading an article called Google seeks to assure customers on cloud security practices on ComputerWeekly. I had to read this – obviously . It references a paper written by the Google Security Officer called Security Whitepaper: Google Apps Messaging and Collaboration Products...
8 Jun 2010
Video on Microsoft’s Datacenter
A very good overview over the way we run Microsoft’s Cloud. The interesting thing is – if you look at the video – that most customers are still running their datacenters on generation 1-2, which means that the efficiency (labor as well as energy) we can deliver is significantly higher – not talking of...
29 Jul 2011
Security Considerations in a Private Cloud
I am talking a lot about Cloud Security. There are a few observations I made: Even though a lot of people are talking about the Cloud, there is still not too much knowledge about it. What is a private Cloud versus a public Cloud? What is Infrastructure as a Service, Platform as a Service, Application...
24 Jun 2011
IT outsourcing most affected by data leaks – What about the Cloud?
I recently asked in a panel, where the difference is between Cloud Computing and classical outsourcing – I kind of became unpopular because this is simply uncool… But I stick with it (knowing there are differences) but the difference is not that big in my opinion. So, reading this article IT outsourcing...
24 Sep 2009
Does the business really hate IT?
Back at the times of outsourcing, there was real tension between IT and the business. Internal IT had the “comfortable” position of having a monopoly: The business used the internal IT and basically just had to pay the bill. Then times came, where the business was not satisfied anymore. That basically...
23 Jun 2011
10 Years of Trustworthy Computing at Microsoft
Before joining Microsoft a little bit more than 10 years ago, I ran a team at PricewarehoureCoopers on e-Business Risk Management – classical security consulting in the Internet bubble time. When I announced that I will leave PwC and join Microsoft, I got interesting reactions (and remember, this...
12 Jan 2012
Cloud Security Paper: Looking for Feedback
As most of you as well, I was looking for information and opinions on Cloud Security over the last year. I found a lot of papers but when I talk to our customers I realize that they think about the Cloud but Cloud Security is mainly something for the specialists – which it is not for me. Therefore I...
30 Jan 2010
Selecting the right Cloud partner
One of the challenges customers always have is, how to select the right cloud partner and fairly often security drives this selection. The Cloud Security Alliance published the Cloud Controls Matrix quite a while ago and in addition a Consensus Assessments Initiative Questionnaire and a lot of request...
10 Apr 2012
Cybercrime as a Service–Our Future?
It is not really surprising that the criminals will leverage the economy of Cloud Computing for their illegal purposes. Especially activities, which consume a lot of processor power will be moved to the Cloud – like any other business. Some way back, there were discussions on how to leverage GPUs to...
12 Jan 2011
HP and Microsoft Partnership: That’s What You Need in the Cloud
Often when I talk to our customers and they ask me about the cloud, a lot of questions come up. Most of them are security related (obviously) but some of them are more management focused. For example the question about how to manage a hybrid environment, where part of your business is run on premise...
14 Jan 2010
Searchable Encryption for the Cloud–soon?
This is a very interesting development. Encryption generally would solve a lot of problems around data sovereignty. So, encrypting the data, keeping the key and moving the data to the public cloud could basically address a lot of the risks. Today, it comes with a high price as the data which resides...
10 Aug 2011
Who cares where your data is?
Wow, I guess the reason for you clicking on the link is this statement – right? Well, “unfortunately” I cannot claim ownership of it. It was made by a Google representative during an interview in Australia: Google: Who cares where your data is? To me, the whole Cloud discussion sometimes drives into...
10 Jun 2011
What’s the “Cloud” or better “What’s not a Cloud”
On analyst (and very active Tweeter on http://twitter.com/monkchips ) quite a while ago (March 08) published a post, which we recently drew up in one of the cloud discussions: If you peel back the label and its says “Grid” or “ OGSA ” underneath… its not a cloud. If you need to send a 40 page requirements...
2 Oct 2009
Do you really want to move to the Cloud? Really?
Well, the question is not too provocative. The longer I look into the risk, the more I am asking this question. Now, we have to separate the different company sizes. I guess for a small and medium business – with the correct safety measures – it makes a lot of sense and you could safe some money. But...
25 Sep 2009
A Detailed Analysis of an Attack – Do We Need an International Incident Sharing Database?
I recently came across a paper called Shadows in the Cloud , which is actually a follow-up report of Tracking GhostNet: Investigating a Cyber Espionage Network , an investigation of the attacks on the office of the Dalai Lama and some governmental bodies. The report is written by two bodies who had the...
21 Apr 2010
Internet Personalization–and How I Never Looked at It…
This is actually a great speech but very, very, very scary: and the scariest part is that I never looked at it that way but he is right Roger
15 Jun 2011
Moving to the Cloud: Where it worked and where I was challenged
I am running a whole environment at home to experience our technology. However, up to now it was all “on premise”, no Cloud integration. This has to change. Therefore I was more than happy to join our internal Hosted Exchange 14 beta program. We are offering the hosted Exchange program to Live...
21 Sep 2009
Legal Challenges of International Business and the Cloud
To start with: I am an engineer not a lawyer – and this might be part of the problem… When I started to think about the Cloud and security and thought about all the work I do with Law Enforcement and the challenges they face. Additionally, I started to think about the legal challenges we – as an industry...
9 Mar 2010
Secure Datacenter, Secure Cloud, Secure Government
At the moment I invest a lot of my time in a Whitepaper on Client and Cloud Security. There are a few fundamentals, which are already clear to me: You will not be able to run a trusted cloud ecosystem without a trusted client and trusted interactions. So, the End to End Trust model is needed in...
28 Oct 2009
Insider Threat of Cloud Computing
Tonight I got this article forwarded to me: Afraid of outside cloud attacks? You're missing the real threat . David Linthicum (the author) claimed that if you are looking at the hackers attacking “your” cloud from the outside, you are missing the real problem as the insider threat is still bigger. When...
11 Mar 2010
Manage your PCs in the Cloud – Sign up for Windows Intune Beta
We just opened the Beta for Windows Intune, your new PC management and security solution in the cloud. Here is a screenshot if the web console: So, go and sign up for the Beta: http://www.microsoft.com/online/windows-intune.mspx Roger
21 Apr 2010
© 2014 Microsoft Corporation.
Privacy & Cookies