Cloud Computing | Microsoft Trustworthy Computing Blog

Cloud Computing Security News and Guidance for Businesses and Organizations

October, 2013

  • RSA Europe 2013: Operational Security for Online Services

    By Mike Reavey, General Manager, Trustworthy Computing

    Today, at the RSA Conference Europe in Amsterdam, I gave a presentation on an important update to Microsoft’s security efforts – Operational Security Assurance (OSA). The design of a secure operations methodology is part of our ongoing commitment to enable trustworthy computing in all aspects of our online services, and OSA represents the next evolution of these efforts.

    Since 2004, the Microsoft Security Development Lifecycle (SDL) has helped developers to build more secure software from the ground up. But the job doesn’t end there. Attacks do not necessarily target weaknesses in software. Some attacks are operational in nature, while others, like the Flame malware, target both software vulnerabilities and operational weaknesses. Defending cloud services against network attacks requires both strong development practices, like SDL, and a strong operational security regime. The following list includes a number of ways that OSA adds considerable value to the focus on infrastructure issues and operational security..  Read more

  • Getting Seniors in the Game

    By Trustworthy Computing Staff

    Microsoft has a longstanding commitment to building technology that improves the lives of people of all ages and abilities.  We’re proud of the work we do to provide trusted computing experiences for everyone. 

    Some of that work includes programs to reach people who may not have experienced our technology before, or may not have used it to its fullest extent.  A recent example of this is Exergamers NYC, a public-private partnership in which Microsoft collaborated with New York City government agencies to help seniors benefit from using Kinect for XBOX 360 and Skype.

    Together, we set up Exergaming programs at senior centers across the five boroughs of New York, enabling seniors to enjoy a fun workout like Zumba or virtual bowling without using complicated machines or heavy objects. Players can also watch their competitors at other locations and engage with them directly over Skype.

    For more details on Exergamers, please see this blog post by Bonnie Kearney from our Accessibility team.

  • A New Era of Operational Security in Online Services

    By Mike Reavey, General Manager, Trustworthy Computing

    Tomorrow I will have the opportunity to keynote at the RSA Conference Europe and discuss the work I’ve been involved with overseeing Operational Security for Microsoft Online Services. This is a topic that I am deeply passionate about and as Microsoft’s investment in the OneMicrosoft initiative becomes a primary focus of my work in the coming years. Read more

  • 10 Years of Cyber Security Awareness

    By Jacqueline Beauchere, Chief Online Safety Officer, Microsoft

    NCSA Board of Directors Vice Chair

    Today, the phrase “cyber security” prompts conversations at both the kitchen table and the boardroom table.  That’s noticeable progress, considering it’s been just 10 years since the National Cyber Security Alliance (NCSA) launched its first awareness month in October 2003—a 31-day effort designed to raise the public consciousness about the need for safer habits and practices online.  

    While a few things are clear—for instance, more people know what to do to help secure their computing devices and personal data, some risky behaviors persist that may still leave individuals vulnerable.  As a result, the panelists agreed more can be done on the part of all participants—individual consumers, businesses, organizations, and government.

    See more >>

     

  • Microsoft supports continuing work toward a 'Do Not Track' standard

    By Adrienne Hall, General Manager, Trustworthy Computing  

    Microsoft has been steadfastly committed to, and engaged in, the W3C's Tracking Protection Working Group’s efforts to define a Do Not Track standard.  We believe DNT holds the potential to help people better manage their privacy online.

    The Working Group chairs are currently asking members how and whether to proceed with DNT standards work.  At the Microsoft on the Issues blog, Chief Privacy Officer Brendon Lynch shared our response, emphasizing that Microsoft supports continued work toward a final, meaningful DNT standard that will help build greater trust across the Internet ecosystem.

  • Trust and Transparency Continue to be Important for Cloud Customers

    By Adrienne Hall, General Manager, Trustworthy Computing

    The second annual Cloud Security Alliance (CSA) EMEA Congress was held last month in Edinburgh, Scotland, where several hundred business leaders and security professionals participated in an interesting series of sessions and interactive demonstrations from 20+ cloud providers.

    With more and more organizations moving from evaluating the cloud to actual deployment, it is not surprising that trust, transparency and compliance came up during this event. Cloud providers should be prepared to address questions in these areas.

    I was invited to deliver a keynote presentation at the event, in which I outlined the investments Microsoft makes in three broad categories: 1) the development of secure cloud offerings; 2) datacenter security; and 3) incident response – communication to customers if and when the unexpected occurs. 

    See more >>