Vendor Report: Microsoft® Cloud Security - 70126

Report Details

This document is an evaluation of Microsoft’s Windows Azure™ Cloud platform from a security perspective. This platform allows organizations to build Cloud applications which are then hosted in the worldwide network of Microsoft datacenters. It also allows organizations to host existing applications that run under Windows Server 2008 and certain types of data in these Microsoft datacenters. Microsoft has put considerable thought into meeting the security challenges of Cloud computing and incorporated solutions to these challenges in their offering.

Many organizations are moving towards a Cloud model to optimize the procurement of IT services from both internal and external suppliers. The Cloud is not a single model but covers a wide spectrum ranging from applications shared between multiple tenants to virtual servers used by a single customer.  The information security risks associated with Cloud computing depend upon both the service model and the delivery model adopted. The common security concerns across this spectrum are ensuring the confidentiality, integrity and availability of the services and data delivered through the Cloud environment. In addition moving to the Cloud poses some compliance challenges.

This report finds that the Microsoft Cloud offering addresses the following important security challenges:

  • Availability: Windows Azure running in the Microsoft worldwide network of datacenters provides several levels of redundancy to maximize the availability of applications and data.
  • Compliance and data privacy: Microsoft Corporation is a signatory to the Safe Harbor agreement. Customers can choose the geographic location of the data. The service operates within the Microsoft Global Foundation Services infrastructure, portions of which are ISO 27001 certified.
  • Privilege management: Microsoft deploys a range of controls to protect against unauthorized activity by operational personnel.
  • Identity and Access: Windows Azure supports a claims based approach to managing access by end users to hosted applications and data. It supports important standards like SAML, and a range of identity providers.

The Microsoft technology includes proprietary interfaces that could lead to an organization choosing this technology to become”locked-in”. Although the platform supports encryption of customer data this is not the default. KuppingerCole strongly recommend that data in the Cloud should be encrypted.

While the Microsoft technology supports confidentiality, availability of data and integrity of processing it is up to the organization to develop and configure a Cloud service built using this technology to achieve these objectives. KuppingerCole recommends that any organization intending to use the Microsoft platform should clearly define the information security requirements and evaluate how these will be met in detail.

You can get access to this document for free, if you register for KuppingerCole Select access now.

Date Title Price
Aug 29, 2011

Vendor Report: Microsoft® Cloud Security - 70126

This document is an evaluation of Microsoft’s Windows Azure™ Cloud platform from a security perspective. This platform allows organizations to build Cloud applications which are then hosted in the worldwide network of Microsoft datacenters. It also allows organizations to host…

€195.00
excl. VAT
Get Access
Mastercard Visa American Express PayPal INVOICE

Latest Related Reports

Leadership Compass

Leadership Compass: Cloud Access Security Brokers - 72534

How do you ensure secure and compliant access to cloud services without losing the agility and cost benefits that these services provide? This report gives you an overview of the market for Cloud Access Security Brokers and a compass to help you to find the product that you need.

Executive View

Executive View: Watchful Software RightsWatch - 70848

RightsWATCH automatically classifies and protects any file format in accordance with corporate policy based on content, context or metadata-aware policy rules, extending the Microsoft Right Management facility to ensure that sensitive and confidential information is identified and…

Executive View

Executive View: CipherCloud Trust Platform - 72530

Many organizations are using cloud services but the use of these services is often poorly governed. Cloud Access Security Brokers (CASBs) provide functionality to discover the use of the cloud, to control which cloud services can be accessed and to protect the data held in these services.…

Leadership Compass

Leadership Compass: Cloud Access Security Brokers - 71138

How do you ensure secure and compliant access to cloud services without losing the agility and cost benefits that these services provide? This report gives you an overview of the market for Cloud Access Security Brokers and a compass to help you to find the product that you need.

Executive View

Executive View: Sophos Protection for Amazon Web Services - 71680

Sophos UTM is a suite of integrated security applications that provides the same layered protection for applications and data hosted in the AWS cloud as for on premise deployments. This report provides a review of the functionality provided by this set of products and an assessment of its…

Executive View

Executive View: Signicat Connect, Assure, Sign & Preserve - 72504

Signicat offers cloud-based services for secure access to applications, identity proofing, electronic signing, and long-time archiving of signed and sealed documents. With these services, Signicat supports organizations in transforming paper-based processes to cloud-based services, while…

Executive View

Executive View: IBM Cloud Security Enforcer - 71523

IBM Cloud Security Enforcer is a cloud-delivered solution that provides cloud application visibility, identity and access management, and threat prevention.

Executive View

Executive View: AlienVault Unified Security Management (USM) Platform - 72520

AlienVault Unified Security Management (USM) platform provides a complete all in one security management solution for organizations with limited resources such as security staff, time and budget.

Executive View

Executive View: Zscaler Internet Security Platform - 71010

Zscaler is a unified Security-as-a-Service platform integrating various security services like web and mobile security, next generation firewall, data leakage prevention, advanced threat protection and bandwidth management in an entirely cloud-based solution without any on-premise hardware.

Executive View

Executive View: FireHost Secure Virtual Private Cloud – Security and Assurance - 71284

An overview of FireHost Secure Virtual Private Cloud together with an assessment of the security and assurance provided in respect of five critical risks faced by a cloud customer.