Cloud Computing | Microsoft Trustworthy Computing Blog

Cloud Computing Security News and Guidance for Businesses and Organizations

Cloud Computing | Microsoft Trustworthy Computing Blog

  • Protecting Customer Data in Our Cloud through Microsoft Azure

    By Mike Reavey, General Manager, Trustworthy Computing

    Last month, Microsoft published helpful guidance for IT Professionals looking to maximize the protection of their data using the tools and technologies available in the Azure platform and related services for encryption, access control and other aspects of data security.  This paper, entitled “Protecting Data in Microsoft Azure” explores key areas that should be considered when using either the platform (PaaS), infrastructure (IaaS) or a hybrid database solution.  Read more >>

  • Measure Twice, Cut Once, With RMA Methodology

    David Bills, Chief Reliability Strategist, Microsoft

    I’ve been beating our drum for a while now about the inevitability of failure in cloud-based systems. Simply put, the complexities and interdependencies of the cloud make it nearly impossible to avoid service failure, so instead we have to go against our instincts and actually design for this eventuality.

    Once you accept this basic premise, the next question is how exactly do we need to change our design processes? The Resilience Modeling and Analysis (RMA) methodology is a key part of the answer.

    RMA brings the master carpenter’s “measure twice, cut once” philosophy to engineering. The goal is to help ensure teams think through as many of the potential reliability-related issues as possible before committing code to production—not to prevent every single failure mode, but to limit the impact a failure could have on customers if they occur. Read more >>

  • Questions to ask your cloud provider

    By Adrienne Hall, General Manager, Trustworthy Computing

    When it comes to building trust with cloud services customers, there’s no substitute for transparency. A cloud provider should be able to explain in detail how it will address the security, privacy and compliance needs of its customers.  Read more >>

  • Customer Spotlight: BLK Super Specialty Hospital

    By Adrienne Hall, General Manager, Trustworthy Computing

    Delivering great Healthcare becomes a reality when the whole team knows what is going on with the patient.  How are some Hospitals connecting all of the various practitioners, caregivers and medical services throughout the patient’s entire course of medical treatment?  Many are turning to Cloud Services to ensure information flows seamlessly and all aspects of the Hospital stay are connected optimally to enable quick, accurate and safe medical care.

    BLK Super Specialty Hospitals in New Delhi, India is one such business, now taking advantage of a streamlined solution that offers employee emails and a global address book to connect Hospital staff with each other.  BLK Super Specialty Hospitals decided to go with Microsoft’s Office 365 for its 1,000 employees after exploring various solutions such as Google apps, Zimbra cloud and others, and determining that the solution would meet their security, privacy and compliance requirements. Read more >>

  • Your email belongs to you, not us

    By Brendon Lynch, Chief Privacy Officer, Microsoft

    Microsoft is committed to delivering meaningful privacy protections that build trust with our customers, and we know how much you value the contents of your email.  We believe your email belongs to you, not us, and that it should receive the same privacy protection as paper letters sent by mail--no matter where it is stored.  Read more >>

  • Microsoft “Trust Centers” provide integral information for Cloud-related decisions

    By Adrienne Hall, General Manager, Trustworthy Computing

    Customers tell us they’d like more information as to how we protect data, certifications that our services have obtained, and how we address security in the cloud. To address these questions, we’ve put together a number of resources on four Cloud Trust Centers.  See more >>

  • Designing for Failure: The Changing Face of Reliability

    by David Bills, Chief Reliability Strategist, Microsoft

    I’ve written about reliability and resilience before, but the topic is so important it’s worth revisiting again, using an example from the real world I think you’ll appreciate.

    Imagine the pressure the architects and engineers were under when they designed and built the Channel Tunnel connecting England to France via rail. The so-called “Chunnel” would have to transport — safely —millions of people a year at speeds over 160 kilometers per hour, across 37.9 undersea kilometers.

    With so many lives at stake, the designers had to eliminate all possibility of failure. Wrong. In fact, in building the Channel Tunnel, the designers expected failure of individual components. That’s why they built three interconnected tunnels: two of them to accommodate rail traffic, and one in the middle for maintenance, but also to serve as an emergency escape route, if needed.  See more >>

  • Strengthening encryption for Microsoft Azure customers

    By Mike Reavey, General Manager, Trustworthy Computing

    In July, we published a blog post which talked about the advancements Microsoft had made in encryption for and OneDrive to further increase the security of our customers data.   Today, Microsoft Azure has taken additional steps toward our commitment to protecting customer data with the announcement of encryption improvements for Microsoft Azure guest OS.   

    The encryption improvements, which apply to Microsoft Azure cipher solution for hosted guest virtual machines, provide customers with enhanced protection when connecting and transmitting data. For example, the enhancements to the default Transport Layer Security (TLS)/Secure Socket Layer (SSL) cipher suites helps ensure that connections are better encrypted during transmission.  In addition, enabling Perfect Forward Secrecy (PFS) helps ensure a different encryption key is used for every connection, making it more difficult for attackers to decrypt connections.  See more >>

  • Creating a safer digital world: partnerships continue with security researchers at BlackHat

    by Adrienne Hall, General Manager, Trustworthy Computing

    This week a number of my colleagues and I are attending the Black Hat USA 2014 conference in Las Vegas, Nevada.  BlackHat, now a popular destination for world-class security researchers, security executives, leaders in the public and private sectors and academia, is rich in the number of ways people can engage in the advancement of the security industry.  Participants also meet in a number of venues around BlackHat to share the latest information in security research, development and trends.  For us, our conference sponsorship and the participation of employees, provides a way to exchange insights, collaborate, and cultivate new relationships with security researchers and industry professionals from around the world.  See more >>

  • Protecting customer email from government eyes

    By Brendon Lynch, Chief Privacy Officer, Microsoft

    At Microsoft, we know that customer trust is essential to our business. People will use technology only if they can trust it, and our commitment to protecting customer data is an important element in building and maintaining that trust. The issue of who owns email is at the center of an important hearing in U.S. federal court in New York this week.  See more>>