Vendor Report: Microsoft® Cloud Security - 70126

Report Details

This document is an evaluation of Microsoft’s Windows Azure™ Cloud platform from a security perspective. This platform allows organizations to build Cloud applications which are then hosted in the worldwide network of Microsoft datacenters. It also allows organizations to host existing applications that run under Windows Server 2008 and certain types of data in these Microsoft datacenters. Microsoft has put considerable thought into meeting the security challenges of Cloud computing and incorporated solutions to these challenges in their offering.

Many organizations are moving towards a Cloud model to optimize the procurement of IT services from both internal and external suppliers. The Cloud is not a single model but covers a wide spectrum ranging from applications shared between multiple tenants to virtual servers used by a single customer.  The information security risks associated with Cloud computing depend upon both the service model and the delivery model adopted. The common security concerns across this spectrum are ensuring the confidentiality, integrity and availability of the services and data delivered through the Cloud environment. In addition moving to the Cloud poses some compliance challenges.

This report finds that the Microsoft Cloud offering addresses the following important security challenges:

  • Availability: Windows Azure running in the Microsoft worldwide network of datacenters provides several levels of redundancy to maximize the availability of applications and data.
  • Compliance and data privacy: Microsoft Corporation is a signatory to the Safe Harbor agreement. Customers can choose the geographic location of the data. The service operates within the Microsoft Global Foundation Services infrastructure, portions of which are ISO 27001 certified.
  • Privilege management: Microsoft deploys a range of controls to protect against unauthorized activity by operational personnel.
  • Identity and Access: Windows Azure supports a claims based approach to managing access by end users to hosted applications and data. It supports important standards like SAML, and a range of identity providers.

The Microsoft technology includes proprietary interfaces that could lead to an organization choosing this technology to become”locked-in”. Although the platform supports encryption of customer data this is not the default. KuppingerCole strongly recommend that data in the Cloud should be encrypted.

While the Microsoft technology supports confidentiality, availability of data and integrity of processing it is up to the organization to develop and configure a Cloud service built using this technology to achieve these objectives. KuppingerCole recommends that any organization intending to use the Microsoft platform should clearly define the information security requirements and evaluate how these will be met in detail.

You can get access to this document for free, if you register for KuppingerCole Select access now.

Date Title Price
Aug 29, 2011

Vendor Report: Microsoft® Cloud Security - 70126

This document is an evaluation of Microsoft’s Windows Azure™ Cloud platform from a security perspective. This platform allows organizations to build Cloud applications which are then hosted in the worldwide network of Microsoft datacenters. It also allows organizations to host…

€195.00
excl. VAT
Get Access
Mastercard Visa American Express PayPal INVOICE

Latest Related Reports

Executive View

Executive View: Saviynt Security Manager for Enterprise IGA - 80325

Saviynt offers a comprehensive compliance-as-a-service platform providing Identity Governance and Management, Application Risk and Governance, Cloud Security, and Cloud PAM functionality. Designed to be deployed as a cloud, hybrid, or on-premise solution, the Saviynt Security Manager for…

Executive View

Executive View: AWS Security Analytics Solutions - 80220

AWS provides a comprehensive suite of services to monitor for threats, misconfigurations and compliance violations across its portfolio, with all security alerts aggregated, organized and prioritized within AWS Security Hub – an extensible cloud security and compliance management platform.

Advisory Note

Advisory Note: Future of Identity Management - 71303

Digital identities are at the core of Digital Transformation, Information Security and Privacy, and therefore it has never been more important for enterprises to ensure they have the capability to manage identities effectively and efficiently in a rapidly changing business, regulatory and…

Architecture Blueprint

Architecture Blueprint: Identity and Access Management - 72550

IAM has been one of the central security infrastructures for many years. The changing role and importance of digital identities leads to fundamental changes in IAM architectures. The challenges for a future proof IAM are complex, diverse and sometimes even conflicting. Organization demand…

Leadership Compass

Leadership Compass: Infrastructure as a Service – Global Providers - 80035

The KuppingerCole Leadership Compass provides an overview of vendors and their product or service offerings in a certain market segment.  This Leadership Compass focusses on Infrastructure as a Service (IaaS) from Cloud Service providers (CSP) with a global presence and with a specific…

Executive View

Executive View: Curity Identity Server - 80159

Curity AB delivers a software-based API-driven identity server for businesses that need help connecting identity infrastructure, digital services, and cloud applications. Their solution adheres to many identity standards, to promote interoperability and to make it easier for clients to…

Executive View

Executive View: AWS Control Tower - 80219

Managing access to applications, systems and resources is a key task for any organization and the hybrid IT deployment model has made this even more complex.  One area of concern is managing administrative access – administration is an essential process, but the administrator…

Executive View

Executive View: Akamai Zero Trust Security - 80054

Akamai’s Intelligent Edge Platform offers a broad range of access management, threat protection, and application security services that will support you in your journey to Zero Trust, making it safe, scalable and easy to manage – delivered entirely from the cloud.

Executive View

Executive View: Oracle Identity Cloud Service - 80156

Most organizations now have a hybrid IT environment with a cloud first approach to choosing new applications.  While this provides many benefits it also creates challenges around security and administration.  Managing identity and access in a consistent manner across all IT…

Whitepaper

Whitepaper: Oracle Identity Cloud Service: Identity for Business Applications in the Hybrid IT - 80155

Today, most businesses are using hybrid IT, with a mix on-premises and cloud applications and services. And hybrid IT is here to stay, given that many of the legacy applications are hard and costly to migrate. Thus, Identity Services must work well for all these applications and the entire…

Discover KuppingerCole

KuppingerCole PLUS

Get access to the whole body of KC PLUS research including Leadership Compass documents for only €800 a year

KuppingerCole Select

Register now for KuppingerCole Select and get your free 30-day access to a great selection of KuppingerCole research materials and to live trainings.

Blog

Blog

The Next Best Thing After "Secure by Design"

There is an old saying that goes like this: “you can lead a horse to water, but you can’t make it drink”. Nothing personal against anyone in particular, but it seems to me that it perfectly represents the current state of cybersecurity across almost any industry. Although the cybersecurity tools are arguably becoming better and more sophisticated, and, for example, cloud service providers are constantly rolling out new security and compliance features in their platforms, the [...]

Latest Insights

Hot Topics

Spotlight

AI for the Future of Your Business Learn more

AI for the Future of Your Business

AI for the Future of your Business: Effective, Safe, Secure & Ethical Everything we admire, love, need to survive, and that brings us further in creating a better future with a human face is and will be a result of intelligence. Synthesizing and amplifying our human intelligence have therefore the potential of leading us into a new era of prosperity like we have not seen before, if we succeed keeping AI Safe, Secure and Ethical. Since the very beginning of industrialization, and even before, we have been striving at structuring our work in a way that it becomes accessible for [...]

Become a Client

Learn more about becoming a Client

Contact Us

Call Us

+49 211 2370770
Mo - Fr 8:00 - 17:00