See all products »
Curah! curation service
Microsoft Tech Companion App
Microsoft Technical Communities
Microsoft Virtual Academy
Server and Tools Blogs
TechNet Flash Newsletter
Cloud and Datacenter
Windows Server 2012 R2
System Center 2012 R2
Microsoft SQL Server 2012 SP1
Windows 8.1 Enterprise
See all trials »
Microsoft Download Center
TechNet Evaluation Center
Microsoft Virtual Academy
Free Windows Server 2012 courses
Free Windows 8 courses
SQL Server training
MCSA: Windows 8
Windows Server Certification (MCSE)
Private Cloud Certification (MCSE)
SQL Server Certification (MCSE)
Second shot for certification
Born To Learn blog
Find technical communities in your area
For small and midsize businesses
For IT professionals
For technical support
For home users
Microsoft Premier Online
Microsoft Fix It Center
Security Bulletins & Advisories
International support solutions
Log a support ticket
Not an IT pro?
Microsoft Customer Support
Microsoft Community Forums
Roger's Security Blog
As Chief Security Advisor of Microsoft EMEA - lets share interesting security information
Chief Security Advisor
Critical Infrastructure Protection
Freedom of Speech
Securing My Infrastructure
Security Intelligence Report
Browse by Tags
Roger's Security Blog
Cloud computing providers: Clueless about security?
To me, one of the benefits of moving to the Cloud is security – obviously besides availability and costs. Recent incidents made me doubt: Amazon not only having significant downtime but in the same time losing customer data. Sony’s game network being significantly compromised. This is definitely not...
4 May 2011
Lies, Damned Lies and the “Gone Google” Calculator
An interesting post (by a Microsoft employee) on the Google cost calculator. An interesting read on the way they compete…. Lies, Damned Lies and the “Gone Google” Calculator Roger
16 Jun 2010
Identity in the Cloud
Kim Cameron, one of our key identity architects had an interesting presentation on identity in the cloud and a corresponding interview. Both are worth looking at if you are planning to move into the direction of the cloud. Especially as it is definitely one of the key challenges: This is Kim's presentation...
25 May 2010
Office 365 Becomes First and Only Major Cloud Productivity Service to Comply With Leading EU and U.S. Standards for Data Protection and Security
A long title but this was the title of the official press statement yesterday. Compliance is always a key question in the public cloud space. Therefore it is very important for us that we now achieved three things: Office 365 is compliant with EU Model Clauses, Data Processing Agreements and ISO 27001...
16 Dec 2011
Can cloud security ever work?
An interesting question, posed by V3.co.uk: Can cloud security ever work? – How relevant is the question by itself? When computers and especially personal computers were introduced, people asked as well whether the security on a PC will ever work – the question is just not relevant. Let’s face it: The...
6 Oct 2010
The Value of Government Clouds
We recently released a paper called The Economics of Cloud Computing for the EU Public Sector , which is actually valid for every other European country as well as it is not too narrowly focused on the EU only. Additionally there is a US-version of the paper as well. It is definitely worth reading. Andrea...
12 Nov 2010
We Need Solid and Strong Transparent Processes for the Cloud
This morning I was reading an article called Google seeks to assure customers on cloud security practices on ComputerWeekly. I had to read this – obviously . It references a paper written by the Google Security Officer called Security Whitepaper: Google Apps Messaging and Collaboration Products...
8 Jun 2010
E-Mail–The Low Hanging Fruit for the Cloud?
I am convinced that there are workloads that can and should be moved to the Cloud: For security reasons as well as for economical reasons. E-Mail might well be the first one of them. There is a good post on that: Editor's Note: Email, the Lowest-Hanging Fruit of the Cloud Roger
16 Aug 2010
Video on Microsoft’s Datacenter
A very good overview over the way we run Microsoft’s Cloud. The interesting thing is – if you look at the video – that most customers are still running their datacenters on generation 1-2, which means that the efficiency (labor as well as energy) we can deliver is significantly higher – not talking of...
29 Jul 2011
Security Considerations in a Private Cloud
I am talking a lot about Cloud Security. There are a few observations I made: Even though a lot of people are talking about the Cloud, there is still not too much knowledge about it. What is a private Cloud versus a public Cloud? What is Infrastructure as a Service, Platform as a Service, Application...
24 Jun 2011
Definition of Cloud Computing
Just found this on http://news.yahoo.com/photos/new-adventures-of-queen-victoria-slideshow/20110914-naqv110914-gif-photo-050626492.html Love that Roger
16 Sep 2011
Does the business really hate IT?
Back at the times of outsourcing, there was real tension between IT and the business. Internal IT had the “comfortable” position of having a monopoly: The business used the internal IT and basically just had to pay the bill. Then times came, where the business was not satisfied anymore. That basically...
23 Jun 2011
10 Years of Trustworthy Computing at Microsoft
Before joining Microsoft a little bit more than 10 years ago, I ran a team at PricewarehoureCoopers on e-Business Risk Management – classical security consulting in the Internet bubble time. When I announced that I will leave PwC and join Microsoft, I got interesting reactions (and remember, this...
12 Jan 2012
Doing the right thing on ID management isn't enough...
Even though it might be obvious, compliance is not only about protecting data but identities as well – and more. Jon Collins, Freeform Dynamics, whom I value high, wrote a good article: Doing the right thing on ID management isn't enough... – you should read it! Roger
16 Jul 2010
Cybercrime as a Service–Our Future?
It is not really surprising that the criminals will leverage the economy of Cloud Computing for their illegal purposes. Especially activities, which consume a lot of processor power will be moved to the Cloud – like any other business. Some way back, there were discussions on how to leverage GPUs to...
12 Jan 2011
Data Governance in the Cloud
If you look at current discussions between cloud providers and customers, I see it too often that the customer leaves with the impression that the Cloud fixes all their problems. In fact – it does not. Too often I see the Cloud provider telling the customer that they should not care about security anymore...
15 Sep 2010
Searchable Encryption for the Cloud–soon?
This is a very interesting development. Encryption generally would solve a lot of problems around data sovereignty. So, encrypting the data, keeping the key and moving the data to the public cloud could basically address a lot of the risks. Today, it comes with a high price as the data which resides...
10 Aug 2011
Who cares where your data is?
Wow, I guess the reason for you clicking on the link is this statement – right? Well, “unfortunately” I cannot claim ownership of it. It was made by a Google representative during an interview in Australia: Google: Who cares where your data is? To me, the whole Cloud discussion sometimes drives into...
10 Jun 2011
Internet Personalization–and How I Never Looked at It…
This is actually a great speech but very, very, very scary: and the scariest part is that I never looked at it that way but he is right Roger
15 Jun 2011
Why Google Won’t Beat Microsoft on Cloud Collaboration
Well, it is not me saying that, it is actually Clint Boulton , eWeek. He published an article on 10 Reasons Why Google Won't Beat Microsoft in Cloud Collaboration and they are: Microsoft Is Big, Getting Bigger Local Still Preferable? Microsoft Now Lives in the Cloud Bang for the Buck Lies with Microsoft...
27 Jun 2010
BPOS-Federal got FISMA Certification
Great progress on our Cloud: Our BPOF-Federal solution has received FISMA certification and accreditation: BPOS-Federal & FISMA Yes, we really have it for BPOS-F Roger
21 Apr 2011
Hotmail now with full-session SSL
If you use Hotmail, you should enable full session SSL in my opinion. Additionally we use SSL for additional services like Skydrive etc. However, there are some caveats. Read the blog post on that: Hotmail security improves with full-session HTTPS encryption Roger
11 Nov 2010
Cloud Computing: Benefits and Risks of Moving Federal IT into the Cloud
July 1st, Scott Charney, Corporate Vice President Trustworthy Computing was testifying at a hearing of the House Committee on Oversight and Government Reform. Basically the hearing was on the benefits and risk of Cloud adoption for the US government. If you are interested in reading his full testimony...
6 Jul 2010
Customer Experience Study: Security Improves in the Cloud
Last week, when I was in South Africa, a partner of us pointed me to a very interesting paper by KPMG called Cloud computing: Australian lessons and experiences . What I like is, that a lot of the items I was recently raising, where actually reflected in quotes by customers of Cloud providers as well...
28 Sep 2010
Information Security Management System for Microsoft Cloud Infrastructure
Just a quick one. Our Global Foundation Services organization (the ones who run our datacenters) just published a new whitepaper: Information Security Management System for Microsoft Cloud Infrastructure This paper describes the Information Security Management System program for Microsoft's Cloud Infrastructure...
19 Nov 2010
© 2014 Microsoft Corporation.
Privacy & Cookies