Cloud Computing | Microsoft Trustworthy Computing Blog

Cloud Computing Security News and Guidance for Businesses and Organizations

December, 2011

  • Introducing the Cloud Fundamentals Video Series

    Posted by: Tim Rains, Director, Trustworthy Computing

     

    Tim Rains, Director Trustworthy Computing, Microsoft

    A big part of my job is talking to Chief Security Information Officers, Chief Security Officers, as well as VPs and Directors who manage risk for their organizations. For them, one of the top priorities that has emerged in the past couple of years is cloud computing. The businesses that these security executives support are evaluating the potential benefits of cloud computing and some have already started leveraging this new paradigm in an effort to increase productivity and lower costs. Security executives are, more often than not, involved in the evaluation and deployment processes for new online services.

  • Cloud Fundamentals Video Series: Cloud Computing & Business Agility

    Posted by: Tim Rains, Director, Trustworthy Computing

    There is a lot of discussion in the industry right now about the potential cost savings for organizations that leverage of cloud computing. Another potential benefit of leveraging cloud computing is increased business agility.

    For many organizations deploying new IT capabilities can be a relatively long and costly process. In this, the second installment of Trustworthy Computing’s Cloud Fundamentals Video Series, John Howie, a Senior Director of Microsoft’s Global Foundation Services, points out once the decision is made to procure new servers you’re still likely to be weeks away from deriving any benefit from them. Hardware has to be delivered, it has to be racked into the data center or server room and power run to it. It has to be networked and configured, operating systems have to be loaded and applications installed.

  • A Delegate’s View of the Cloud Security Alliance Congress 2011

    Posted by: Tim Rains, Director, Trustworthy Computing Communications

    Microsoft Sponsors the Cloud Security Alliance (CSA) Congress

    I attended the second annual Cloud Security Alliance Congress event a couple of weeks ago in Orlando Florida and wanted to pass on some of what I learned.

    The Cloud Security Alliance (CSA), of which we are a member, was founded in 2008. It has emerged as a leading industry authority focused on promoting the use of best practices for providing security assurance within cloud computing, and providing education on the uses of cloud computing.  In the course of three years, CSA has released 12 research reports, created a cloud provider registry, and established the only user certification related to the security knowledge of cloud computing. All its research products are the result of global collaboration and are provided at no cost, and royalty-free, to any organization that wants them (https://cloudsecurityalliance.org/about/).

    The CSA Congress was a full two-day, multi-track conference preceded by in-depth training sessions.  I attended hoping to get some insights into what cloud adopters, cloud providers and others are thinking about the benefits, challenges, and security aspects related to cloud computing. I wasn’t disappointed as there was no shortage of people sharing what they have learned about the cloud, and debating the finer points of security and privacy related topics.

  • Dear Santa, All I Want for Christmas is a Secure and Compliant Cloud Service

    Posted by: Adrienne Hall, General Manager, Trustworthy Computing

    Last week I wrote about the important role the channel plays, occupying a space between cloud vendor and end user organization and adding value by ensuring technology satisfies business needs. But that’s not to say that cloud providers shouldn’t also have a direct relationship with their customers to understand their needs and factor them into the products and solutions they develop and evolve.

    I spend a lot of time talking to customers about what they want from their cloud vendor. Top of their list is a service that both keeps their data secure and helps them comply with local and international law and regulations.

  • Microsoft Joins European Commission’s CEO Coalition on Child Online Safety

    Posted by: Peter Cullen, General Manager, Trustworthy Computing, Microsoft

    Today, European Union Commissioner Neelie Kroes announced the formation of the ‘CEO Coalition on Child Online Safety.’ Microsoft is pleased to be a founding member of this coalition, which is a collective effort of government and industry to discuss best practices that “make the Internet a better place for children.”

    I will serve as Microsoft’s representative on the CEO Coalition, and Microsoft remains committed to advancing ways to make online services and the Internet safer for children. We also believe such joint efforts, involving all major industry players in the digital ecosystem – including hardware manufacturers, technology companies, content creators, telecommunications and online service providers – are necessary to achieving real progress in the area of online safety.

  • The Channel’s Role in the Cloud: It’s Still about Relationships

    Posted by: Adrienne Hall, General Manager, Trustworthy Computing

    With 2011 drawing to a close, we’re starting to see several predictions for what the next year will hold. On the subject of cloud computing, Forrester’s James Staten made some interesting observations.

    Staten’s comments about the channel got me thinking; “channel” is such a broad term. He rightly points out that with offerings available directly from providers, “reselling isn’t good enough anymore.” Yet the counterpoint is also reflected in his comment: “For the channel to survive it must add value around cloud services and there’s plenty of opportunity to go around.” I agree with both statements.

    For the channel organization that partners with a cloud provider and adds value in the form of support, customization, or other value-added services, the cloud is a tremendous opportunity to create a recurring revenue stream. However, if it passes on the cloud provider’s offering to customers with little to no value-add other than processing the transaction, this industry shift may challenge their bottom line.