Post on 18-Jun-2020
Azure Services at a glance
Added value of Azure Cloud
Added value of Azure Cloud
© Microsoft Corporation
Availability
Scalability
Replicability
Security/Compliance
Added value of Azure Cloud
Azure Availability
Azure Scalability
Azure Replicability
Cloud-Dienst
VM mit
IP-Adresse
Load Balanced Endpoint
with IP-Adress
Storage Account Virtual Network
Cloud-Dienst
Subnet-1Disk (BLOB)
Virtuelle Machine
Network Interface
Virtuelle Machine
IP-Adresse
Load Balancer
Load Balancer
IP-Adress
Virtual Network
Speicherkonto
Ressourcengruppe
Disk (BLOB)
Subnet
Depends On
US G
ov
Glo
bal
Reg
ion
al
Ind
ust
ry
ISO 27001:2013
ISO 27017:2015
ISO 27018:2014
ISO 22301:2012
ISO 9001:2015
ISO 20000-1:2011
SOC 1 Type 2
SOC 2 Type 2
SOC 3
CSA STAR Certification
CSA STAR Attestation
CSA STAR Self-Assessment
WCAG 2.0
FedRAMP High
FedRAMP Moderate
EAR
DoD DISA SRG Level 5
DoD DISA SRG Level 4
DoD DISA SRG Level 2
DFARS
DoE 10 CFR Part 810
NIST SP 800-171
NIST CSF
Section 508 VPATs
PCI DSS Level 1
GLBA
FFIEC
Shared Assessments
FISC (Japan)
FCA (UK)
MAS + ABS (Singapore)
23 NYCRR 500
HIPAA BAA
HITRUST
21 CFR Part 11 (GxP)
MARS-E
NHS IG Toolkit (UK)
NEN 7510:2011 (Netherlands)
FERPA
CDSA
MPAA
FACT (UK)
DPP (UK)
Argentina PDPA
Australia CCSL / IRAP
Canada Privacy Laws
China GB 18030:2005
China DJCP (MLPS) Level 3
Germany C5
India MeitY
Japan CS Mark Gold
Japan My Number Act
Netherlands BIR 2012
New Zealand Gov CIO Fwk
Singapore MTCS Level 3
Spain ENS
Spain DPA
UK Cyber Essentials Plus
UK G-Cloud
UK PASF
FIPS 140-2
ITAR
CJIS
IRS 1075
Azure verfügt über 70 Compliance Angebote
China TRUCS / CCCPPF
EN 301 549
EU ENISA IAF
EU Model Clauses
EU – US Privacy Shield
Germany IT-Grundschutz workbook
https://aka.ms/AzureCompliance
Azure Security/Compliance
https://docs.microsoft.com/de-de/azure/security/index
Azure Compliance Blueprints
“A Cloud you can Trust”
10
“Businesses and users are going to
embrace technology only if they can
trust it.”– Satya Nadella
• We take seriously our commitment to
protect customers in the world of clouds.
• We live standards and methods designed
to win your trust.
• We work with industry and government
to build trust in the cloud system.
At Microsoft, we never take your
trust for granted
„Microsoft invests about $1 billion in cyber security year after year. Data security,
data protection, transparency and compliance are our top priorities. As a global
cloud provider, we consistently invest in the latest security technologies together
with our partners to support our customers holistically in their security strategy –
from prevention to countering attacks "
Milad Aslaner, Senior Product Manager für Cyber Security, Microsoft Deutschland
IT-SA Nürnberg, Oktober 2018
Azure Security overview
ASC – Control of Security Policy & Compliance
Security Dashboards
Deliver Rapid Insights into
Security State Across All
Workloads
ASC – Architecture
• Real-time risk analysis
• Required countermeasures to achieve compliance
• Better understanding of infrastructure and required security policies
ASC – SecureScore
Adapting the security policy with recommendations for action
ASC – Compliance Manager
ASC – Compliance Manager
HSMs
• Protect & manage underpinning keys
• Facilitate compliance with data security regulations
• FIPS 140-2 certified
BYOK with Azure Encyption Options nShield Edge
nShield Connect
Azure Key Vault
• Maintain nCipherHSMs in the cloud
• Hold your keys
• Secure your data in the cloud
Your Data
• Remains encrypted in the cloud
• Uses your own keys
• Cannot be read by cloud service provider without your consent
HYOK with Azure Encryptions Options
ON PREMISE
nShield Connect
HSM
Microsoft
RMS
Apps
Azure Platform
Azure Key Vault
IN CLOUD
Azure
RMS
http://docs.microsoft.com/en-us/azure/security/azure-security
https://docs.microsoft.com/de-de/azure/security/index
http://aka.ms/security