Cloud Computing | Microsoft Trustworthy Computing Blog

Cloud Computing Security News and Guidance for Businesses and Organizations

Cloud Computing | Microsoft Trustworthy Computing Blog

  • Microsoft “Trust Centers” provide integral information for Cloud-related decisions

    By Adrienne Hall, General Manager, Trustworthy Computing

    Customers tell us they’d like more information as to how we protect data, certifications that our services have obtained, and how we address security in the cloud. To address these questions, we’ve put together a number of resources on four Cloud Trust Centers.  See more >>

  • Designing for Failure: The Changing Face of Reliability

    by David Bills, Chief Reliability Strategist, Microsoft

    I’ve written about reliability and resilience before, but the topic is so important it’s worth revisiting again, using an example from the real world I think you’ll appreciate.

    Imagine the pressure the architects and engineers were under when they designed and built the Channel Tunnel connecting England to France via rail. The so-called “Chunnel” would have to transport — safely —millions of people a year at speeds over 160 kilometers per hour, across 37.9 undersea kilometers.

    With so many lives at stake, the designers had to eliminate all possibility of failure. Wrong. In fact, in building the Channel Tunnel, the designers expected failure of individual components. That’s why they built three interconnected tunnels: two of them to accommodate rail traffic, and one in the middle for maintenance, but also to serve as an emergency escape route, if needed.  See more >>

  • Strengthening encryption for Microsoft Azure customers

    By Mike Reavey, General Manager, Trustworthy Computing

    In July, we published a blog post which talked about the advancements Microsoft had made in encryption for and OneDrive to further increase the security of our customers data.   Today, Microsoft Azure has taken additional steps toward our commitment to protecting customer data with the announcement of encryption improvements for Microsoft Azure guest OS.   

    The encryption improvements, which apply to Microsoft Azure cipher solution for hosted guest virtual machines, provide customers with enhanced protection when connecting and transmitting data. For example, the enhancements to the default Transport Layer Security (TLS)/Secure Socket Layer (SSL) cipher suites helps ensure that connections are better encrypted during transmission.  In addition, enabling Perfect Forward Secrecy (PFS) helps ensure a different encryption key is used for every connection, making it more difficult for attackers to decrypt connections.  See more >>

  • Creating a safer digital world: partnerships continue with security researchers at BlackHat

    by Adrienne Hall, General Manager, Trustworthy Computing

    This week a number of my colleagues and I are attending the Black Hat USA 2014 conference in Las Vegas, Nevada.  BlackHat, now a popular destination for world-class security researchers, security executives, leaders in the public and private sectors and academia, is rich in the number of ways people can engage in the advancement of the security industry.  Participants also meet in a number of venues around BlackHat to share the latest information in security research, development and trends.  For us, our conference sponsorship and the participation of employees, provides a way to exchange insights, collaborate, and cultivate new relationships with security researchers and industry professionals from around the world.  See more >>

  • Protecting customer email from government eyes

    By Brendon Lynch, Chief Privacy Officer, Microsoft

    At Microsoft, we know that customer trust is essential to our business. People will use technology only if they can trust it, and our commitment to protecting customer data is an important element in building and maintaining that trust. The issue of who owns email is at the center of an important hearing in U.S. federal court in New York this week.  See more>>

  • Dynamics CRM Online for Governments Compliant with FedRAMP

    By Adrienne Hall, General Manager, Trustworthy Computing

    Yesterday at Microsoft's worldwide partner conference, my colleague Curt Kolcun, Vice President, U.S. Public Sector announced additional updates that make Microsoft’s cloud – which spans infrastructure, data, productivity, mobility and more –an increasingly compelling solution for government customers. 

    Curt announced several things. The first is that Dynamics CRM Online joins Office 365 and Azure in providing additional cloud services for government, in compliance with FedRAMP. Available in early 2015, this will allow customers to use their existing Microsoft investments on-premises and in the cloud through hybrid capabilities including integration with Azure and Office 365 government community clouds. Read more >>

  • Security, Transparency and Privacy

    By Brendon Lynch, Chief Privacy Officer, Microsoft

    Last week my colleague, Matt Thomlinson, shared some important updates about Microsoft’s efforts to enhance protections for our customers’ data and to increase transparency regarding our engagements with governments around the world.  Read more >>

  • Protecting Data and Privacy in the Cloud: Part 3

    By Brendon Lynch, Chief Privacy Officer, Microsoft

    In my last blog post, I made the point that consumers and organizations choose a cloud service based on their ability to trust that the cloud service provider will protect their privacy. At Microsoft we work to earn that trust with specific data protection measures in place and with a promise to use data in a manner consistent with customer expectations. Our enterprise customers can rest assured that the data they entrust to us belongs to them.

    As organizations make the complex decision to invest in cloud services, we understand the importance of being transparent about our practices and policies. See more >>

  • Advancing our encryption and transparency efforts

    By Adrienne Hall, General Manager, Trustworthy Computing

    As a company, we have been working hard to further increase data security protections in our services, to  add capacity to our transparency center  engagements with governments, and to push governments to be more transparent themselves. 

    In December, we announced our commitment to increase the security of our customers’ data, and our plans to reinforce legal protections for our customers’ data.  In January, we called for an international convention focused on the issue of government access to data.  Then in March, we shared the additional steps we took to protect your privacy

    We are committed to earning our customers’ trust each and every day, and today, Matt Thomlinson, vice president for Trustworthy Computing Security, shares  the progress we are making on these fronts. I encourage you to check out his Microsoft on the Issues blog post to learn more about this announcement.  See more >>

  • Antifragility – the goal for high-performance IT organizations

    David Bills, Chief Reliability Strategist, Microsoft

    In a recent post, I shared a short list of my favorite books and articles, related to reliability. Each one has influenced my thinking with respect to how to go about creating a high-performing IT organization, despite the fact not all of these publications are IT-centric in terms of subject matter. In this post, I’m going to take a closer look at “Antifragile”, the 2012 book written by Nassim Nicholas Taleb, and describe why I think the concept of antifragility is particularly applicable to cloud computing. See more >>