Vendor Report: Microsoft® Cloud Security - 70126

Report Details

This document is an evaluation of Microsoft’s Windows Azure™ Cloud platform from a security perspective. This platform allows organizations to build Cloud applications which are then hosted in the worldwide network of Microsoft datacenters. It also allows organizations to host existing applications that run under Windows Server 2008 and certain types of data in these Microsoft datacenters. Microsoft has put considerable thought into meeting the security challenges of Cloud computing and incorporated solutions to these challenges in their offering.

Many organizations are moving towards a Cloud model to optimize the procurement of IT services from both internal and external suppliers. The Cloud is not a single model but covers a wide spectrum ranging from applications shared between multiple tenants to virtual servers used by a single customer.  The information security risks associated with Cloud computing depend upon both the service model and the delivery model adopted. The common security concerns across this spectrum are ensuring the confidentiality, integrity and availability of the services and data delivered through the Cloud environment. In addition moving to the Cloud poses some compliance challenges.

This report finds that the Microsoft Cloud offering addresses the following important security challenges:

  • Availability: Windows Azure running in the Microsoft worldwide network of datacenters provides several levels of redundancy to maximize the availability of applications and data.
  • Compliance and data privacy: Microsoft Corporation is a signatory to the Safe Harbor agreement. Customers can choose the geographic location of the data. The service operates within the Microsoft Global Foundation Services infrastructure, portions of which are ISO 27001 certified.
  • Privilege management: Microsoft deploys a range of controls to protect against unauthorized activity by operational personnel.
  • Identity and Access: Windows Azure supports a claims based approach to managing access by end users to hosted applications and data. It supports important standards like SAML, and a range of identity providers.

The Microsoft technology includes proprietary interfaces that could lead to an organization choosing this technology to become”locked-in”. Although the platform supports encryption of customer data this is not the default. KuppingerCole strongly recommend that data in the Cloud should be encrypted.

While the Microsoft technology supports confidentiality, availability of data and integrity of processing it is up to the organization to develop and configure a Cloud service built using this technology to achieve these objectives. KuppingerCole recommends that any organization intending to use the Microsoft platform should clearly define the information security requirements and evaluate how these will be met in detail.

You can get access to this document for free, if you register for KuppingerCole Select access now.

Date Title Price
Aug 29, 2011

Vendor Report: Microsoft® Cloud Security - 70126

This document is an evaluation of Microsoft’s Windows Azure™ Cloud platform from a security perspective. This platform allows organizations to build Cloud applications which are then hosted in the worldwide network of Microsoft datacenters. It also allows organizations to host…

€195.00 Get Access
Mastercard Visa PayPal Invoice

Latest Related Reports

Leadership Compass

Leadership Compass: Cloud Access Security Brokers - 72534

How do you ensure secure and compliant access to cloud services without losing the agility and cost benefits that these services provide? This report gives you an overview of the market for Cloud Access Security Brokers and a compass to help you to find the product that you need.

Executive View

Executive View: eperi Encryption Gateway - 70619

eperi provides an encryption gateway for data stored in the cloud, based on a unique flexible approach based on templates that specify which data should be  encrypted and how. Combined with built-in indexing capabilities, the product enables fully transparent and infinitely extensible…

Executive View

Executive View: Microsoft Azure Stack - 72592

Microsoft Azure Stack is an integrated hardware and software platform for delivering Infrastructure-as-a-Service (IaaS) and Platform-as-a-Service (PaaS) services of Microsoft Azure public cloud on premises, providing a truly consistent hybrid cloud platform for a wide variety of business…

Leadership Compass

Leadership Compass: Identity as a Service: Cloud-based Provisioning, Access Governance and Federation (IDaaS B2E) - 70319

Leaders in innovation, product features, and market reach for Identity as a Service offerings targeting full Identity and Access Management and Governance capabilities for employees in hybrid environments, but also delivering Single Sign-On to the Cloud and providing support for other…

Leadership Compass

Leadership Compass: Identity as a Service: Single Sign-On to the Cloud (IDaaS SSO) - 71141

Leaders in innovation, product features, and market reach for Identity as a Service offerings targeting Single Sign-On to the Cloud for all types of users, with primary focus on cloud services but some support for on-premise web applications. Your compass for finding the right path in the…

Leadership Compass

Leadership Compass: CIAM Platforms - 70305

This report provides an overview of the market for Consumer Identity and Access Management and provides you with a compass to help you to find the Consumer Identity and Access Management product that best meets your needs. We examine the market segment, vendor product and service…

Executive View

Executive View: Vendor Overview CyberArk - 70280

CyberArk is a pioneer in Privileged Account Security, and is widely recognized as the leader in this sector. Building upon a strong base product, CyberArk has enhanced its offering to include the capabilities that organizations need to secure and manage pr ivileged  accounts and their…

Executive View

Executive View: EmpowerID - 70894

EmpowerID provides  a complete solution for IAM, CIAM, and Adaptive  Authentication.  With a highly  customizable workflow and authorization engine,  EmpowerID delivers advanced functionality for  enterprise and government  customers.

Whitepaper

Whitepaper: VMWare: Unified management and control of the digital workspace - 70286

Identity Management, Endpoint Security , Mobile  Device Management and Access  Management are typically considered to be isolated discipline s . This  can make  administration and governance in these areas complex.  Having a  holistic approach  for the…

Executive View

Executive View: NextLabs Data Centric Security in the Hybrid Cloud - 72531

Organizations are adopting a hybrid model for the delivery of IT services a consistent approach is needed to govern and secure data on-premise, in the cloud and when shared with external parties. NextLabs Data Centric Security Suite provides a proven tool that can protect data and ensure…

Discover KuppingerCole

KuppingerCole Select

Register now for KuppingerCole Select and get your free 30-day access to a great selection of KuppingerCole research materials and to live trainings.

Blog

Blog

Recapping CIW Seattle 2017

Last week we completed the opening dates on the Consumer Identity World Tour in Seattle.  To kick off the event, the Kantara Initiative held a one-day workshop to showcase the work that they do.  Kantara is an international standards organization which develops technical specifications [...]

Latest Insights

Hot Topics

Spotlight

Connected Consumer Learn more

Connected Consumer

When dealing with consumers and customers directly the most important asset for any forward-thinking organisation is the data provided and collected for these new type of identities. The appropriate management of consumer identities is of utmost importance. Handing over personal data to a commercial organisation the consumer typically does this with two contrasting expectations. On one hand the consumer wants to benefit from the organisation as a contract partner for goods or services. Customer-facing organizations get into direct contact with their customers today as they are accessing their [...]

Become a Client

Learn more about becoming a Client

Contact Us

Call Us

+49 211 2370770
Mo - Fr 8:00 - 17:00