Cloud Computing | Microsoft Trustworthy Computing Blog

Cloud Computing Security News and Guidance for Businesses and Organizations

January, 2013

  • Cloud services: building resiliency and business continuity

    David Bills, chief reliability strategist, Trustworthy Computing

    The complex nature of cloud computing means that as cloud service providers, we need to be mindful that things will go wrong – it’s not a case of if, it’s strictly a matter of when. Cloud providers need to design and build their services in such a way to maximize the reliability of the service and minimize the impact to customers when things do go wrong. A key facet of this approach is business continuity, or ensuring that critical business functions continue to be available, even in the event of a catastrophe. With that in mind, I was recently interviewed for the winter edition of the Disaster Recovery Journal – a journal which focuses on the business continuity planning profession

    When I talk about reliability I’m referring to the outcome all service providers aim for. The notion that the service works as it was designed to, and responds in a predicable fashion when it is needed. One way to improve reliability is to build a service that is resilient – it has the ability to withstand certain types of failure and yet remain fully functional from the customers’ perspective.

  • Internet Safety & Security: A Shared Responsibility

    Posted by Jacqueline Beauchere, director, Trustworthy Computing, Microsoft

    Microsoft and others in the technology industry have long maintained that helping to keep individuals and families safer online is a “shared responsibility” – among industry, government, law enforcement, civil society, and consumers themselves.

    This notion requires the collaborative commitment agreed to in the recently released 19-page report, “Involving Intermediaries in Cyber Security Awareness-Raising.”  This release follows a day-long information-sharing event in Brussels, sponsored by the European Commission and ENISA – the European Network and Information Security Agency.  Forty-five EU and U.S. representatives from the public and private sectors participated, where discussions centered on cross-border cooperation and the importance of public-private partnerships (PPPs).

    I had the privilege of being the sole delegate from the United States, representing the National Cyber Security Alliance (NCSA), one of Microsoft’s key online safety partners.  My presentation focused on the work of the U.S. Department of Homeland Security (DHS) and the NCSA, most notably, National Cyber Security Awareness Month (NCSAM) and its signature STOP. THINK. CONNECT.™ (STC) awareness campaign, a sterling example of a successful PPP.

  • Designing reliable and secure cloud solutions

    Posted by: David Bills, chief reliability strategist, Trustworthy Computing

    Cloud computing and cloud services are emerging as new solutions for many organizations seeking to reduce costs and increase productivity. It’s an exciting and challenging time for the services industry as more and more organizations move their applications and IT services to the cloud.

    When I speak to customers about cloud services, security, privacy and reliability are the three primary topics they consistently ask about. Across the industry I see a number of organizations focused on improving security and privacy but not a lot of emphasis is being placed on reliability.  It seems as if many are still trying to get a handle on how to operate a highly reliable service.

    Reliability is ultimately about customer satisfaction, which means managing reliability is a more nuanced challenge than simply measuring uptime. For example, you can imagine a service that never goes down but might be really slow or difficult to use on a regular basis. I’ll argue no one is going to be happy using that service, despite privacy principles being consistently applied and security practices being among the best in the industry. In short, reliability is just as important and warrants an appropriate level of engineering investment from the service provider to truly satisfy all of the customers’ requirements.