Vendor Report: Microsoft® Cloud Security - 70126

Report Details

This document is an evaluation of Microsoft’s Windows Azure™ Cloud platform from a security perspective. This platform allows organizations to build Cloud applications which are then hosted in the worldwide network of Microsoft datacenters. It also allows organizations to host existing applications that run under Windows Server 2008 and certain types of data in these Microsoft datacenters. Microsoft has put considerable thought into meeting the security challenges of Cloud computing and incorporated solutions to these challenges in their offering.

Many organizations are moving towards a Cloud model to optimize the procurement of IT services from both internal and external suppliers. The Cloud is not a single model but covers a wide spectrum ranging from applications shared between multiple tenants to virtual servers used by a single customer.  The information security risks associated with Cloud computing depend upon both the service model and the delivery model adopted. The common security concerns across this spectrum are ensuring the confidentiality, integrity and availability of the services and data delivered through the Cloud environment. In addition moving to the Cloud poses some compliance challenges.

This report finds that the Microsoft Cloud offering addresses the following important security challenges:

  • Availability: Windows Azure running in the Microsoft worldwide network of datacenters provides several levels of redundancy to maximize the availability of applications and data.
  • Compliance and data privacy: Microsoft Corporation is a signatory to the Safe Harbor agreement. Customers can choose the geographic location of the data. The service operates within the Microsoft Global Foundation Services infrastructure, portions of which are ISO 27001 certified.
  • Privilege management: Microsoft deploys a range of controls to protect against unauthorized activity by operational personnel.
  • Identity and Access: Windows Azure supports a claims based approach to managing access by end users to hosted applications and data. It supports important standards like SAML, and a range of identity providers.

The Microsoft technology includes proprietary interfaces that could lead to an organization choosing this technology to become”locked-in”. Although the platform supports encryption of customer data this is not the default. KuppingerCole strongly recommend that data in the Cloud should be encrypted.

While the Microsoft technology supports confidentiality, availability of data and integrity of processing it is up to the organization to develop and configure a Cloud service built using this technology to achieve these objectives. KuppingerCole recommends that any organization intending to use the Microsoft platform should clearly define the information security requirements and evaluate how these will be met in detail.

You can get access to this document for free, if you register for KuppingerCole Select access now.

Date Title Price
Aug 29, 2011

Vendor Report: Microsoft® Cloud Security - 70126

This document is an evaluation of Microsoft’s Windows Azure™ Cloud platform from a security perspective. This platform allows organizations to build Cloud applications which are then hosted in the worldwide network of Microsoft datacenters. It also allows organizations to host…

€195.00
excl. VAT
Get Access
Mastercard Visa American Express PayPal INVOICE

Latest Related Reports

Executive View

Executive View: Digital Shadows SearchLight™ - 79041

Digital Risk Protection as a Service. A combination of data loss protection, the securing of brands and reputation online and the reduction of the overall attack surface by identifying weaknesses in an organization’s infrastructure.

Advisory Note

Advisory Note: Maturity Level Matrix for Cyber Security - 72555

KuppingerCole Maturity Level Matrixes for the major market segments within cyber security. These provide the foundation for rating the current state of your cyber security projects and programs.  

Advisory Note

Architecture Blueprint: Hybrid Cloud Security - 72552

Organizations now commonly use multiple cloud services as well as on-premises IT. This KuppingerCole Architecture Blueprint provides a set of building blocks needed to design, implement and integrate security for the Hybrid Cloud.

Executive View

Executive View: Zscaler Security-as-a-Service Platform - 72505

Zscaler is the world’s largest multi-tenant distributed cloud security platform that delivers a broad range of services without any on-premises hardware or software agents, including cybersecurity, network transformation, public cloud connectivity, and secure access to on-premises and…

Executive View

Executive View: Delphix Dynamic Data Platform - 79010

Die Delphix Dynamic Data Platform ist eine integrierte Plattform für die Verwaltung, Absicherung und Replizierung von Daten in lokalen, cloudbasierten und Hybrid-Umgebungen. Sie kombiniert eine hochleistungsfähige Virtualisierung mit integriertem Data Masking und automatisierten…

Executive View

Executive View: CipherCloud CASB+ - 79037

Many organizations are using cloud services, but the use of these services is often poorly governed. Cloud Access Security Brokers (CASBs) provide functionality to discover the use of the cloud, to control which cloud services can be accessed and to protect the data held in these services.…

Executive View

Executive View: Delphix Dynamic Data Platform - 79010

Delphix Dynamic Data Platform is an integrated platform for managing, securing and replicating data across on-premises, cloud and hybrid environments. Combining high-performance virtualization, integrated masking and automated self-service workflows, it significantly increases efficiency of…

Advisory Note

Buyer's Guide: Hybrid Cloud Services - 72562

Organizations now commonly use multiple cloud services as well as on premises IT. This KuppingerCole Buyer’s Guide focusses on IaaS services. It will provide you with questions to ask vendors, criteria to select your vendor, and the requirements for successful deployments. This report…

Advisory Note

Advisory Note: Security Organization Governance and the Cloud - 72564

The cloud provides an alternative way of obtaining IT services that offers many benefits including increased flexibility as well as reduced cost.   This document provides an overview of the approach that enables an organization to securely and reliably use cloud services to…

Whitepaper

Whitepaper: GDPR Herausforderungen mit Delphix meistern - 70368

Mit der neuen Datenschutz-Grundverordnung (GDPR) führt die EU strenge Kontrollen bezüglich der Verarbeitung personenbezogener Daten von EU-Bürgern sowie hohe Geldstrafen bei Nicht-Einhaltung eben dieser ein. Die Compliance der Grundverordnung erfordert kostenintensive…

Discover KuppingerCole

KuppingerCole Select

Register now for KuppingerCole Select and get your free 30-day access to a great selection of KuppingerCole research materials and to live trainings.

Blog

Blog

Oops, Google did it again!

Oops, Google did it again!

Like many people with a long career in IT, I have numerous small computer-related side duties I’m supposed to perform for my less skilled friends and relatives. Among those, I’m helping manage a G Suite account for a small business a friend of mine has. Needless to say, I was a bit surprised to receive an urgent e-mail alert from Google yesterday, telling me that several users in that G Suite domain were impacted by a password storage problem. Turns out, Google has just discovered [...]

Latest Insights

Hot Topics

Spotlight

AI for the Future of your Business Learn more

AI for the Future of your Business

AI for the Future of your Business: Effective, Safe, Secure & Ethical Everything we admire, love, need to survive, and that brings us further in creating a better future with a human face is and will be a result of intelligence. Synthesizing and amplifying our human intelligence have therefore the potential of leading us into a new era of prosperity like we have not seen before, if we succeed keeping AI Safe, Secure and Ethical. Since the very beginning of industrialization, and even before, we have been striving at structuring our work in a way that it becomes accessible for [...]

Become a Client

Learn more about becoming a Client

Contact Us

Call Us

+49 211 2370770
Mo - Fr 8:00 - 17:00