Employee Selection and Staffing MGRS 467 Dr. Yvonne Stedham.
Windows Azure Windows Azure: Security, Privacy, ComplianceTitle: Country Mgrs., Account Mgrs., BG...
-
Upload
karen-gardner -
Category
Documents
-
view
219 -
download
0
Transcript of Windows Azure Windows Azure: Security, Privacy, ComplianceTitle: Country Mgrs., Account Mgrs., BG...
Windows Azure Security, Privacy, &
ComplianceYour name goes here
Your title goes here
Windows Azure
430B+ Windows Azure AD authentications
280% year-over-year database growth in Windows Azure
50%of Fortune 500 use Windows Azure
$25,000in the cloud would cost $100,000 on premises(Microsoft Azure BI Team, STMG Proof Points Central)
EconomicsScale
30,000
to
250,000
Scale from
site visitors instantly(Case Study: Autocosmos)
2
weeksto deliver new services vs. 6-12 months with traditional solution(Case Study: HarperCollins Publishers)
Speed
Technology trends: driving cloud adoption
4
of CIOs will embrace a cloud-first strategy in 2016
(IDC CIO Agenda webinar)
Cloud Trend:
70%
BENEFITS
WINDOWS AZURE ADOPTION
Windows Azure
Pre-adoption concern
60%cited concerns around data security as a barrier to adoption
45%concerned that the cloud would result in a lack of data control
Benefits realized
94%experienced security benefits they didn’t previously have on-premise
62%said privacy protection increased as a result of moving to the cloud
Cloud innovation OPPORTUNITY FOR SECURITY & COMPLIANCE BENEFITS
SECURTIY
• Design/Operation
• Infrastructure• Network• Identity/access• Data
PRIVACY
COMPLIANCE
Windows Azure
Trustworthy foundationBUILT ON MICROSOFT EXPERIENCE AND INNOVATION
Trustworthy ComputingInitiative
Security Development
LifecycleGlobal Data Center
Services
Malware Protection
Center
Microsoft SecurityResponse Center
Windows Update
1st Microsoft
Data Center Active
Directory SOC 1
CSA Cloud Controls Matrix PCI DSS
Level 1
FedRAMP/FISMA
UK G-Cloud Level 2
ISO/IEC 27001:2005
HIPAA/HITECH
Digital Crimes Unit
SOC 2
E.U. Data Protection Directive
1989 1995 2000 2005 2010
Windows Azure
Shared responsibilityREDUCE SECURITY COSTS + MAINTAIN FLEXIBILITY, ACCESS, & CONTROL
Customer Microsoft
On-Premises IaaS PaaS SaaS
Storage
Servers
Networking
O/S
Middleware
Virtualization
Data
Applications
Runtime
Windows Azure
Transparency & independent verification
8
Best practices and guidance
Third-party verification
Cloud Security Alliance
Security intelligence
report
Compliance packages
Trust Center
Access to audit reports
Security Response
Center progress report
AID CUSTOMERS IN MEETING SECURITY & COMPLIANCE OBLIGATIONS
Windows Azure 9
Security
Microsoft approach in action
CompliancePrivacy
Windows Azure 10
Security
We chose Azure because all things being equal, it is the easiest cloud platform to work with. Security and patching is already taken care of, so it is less labour-intensive.”
Windows Azure
Security at the core
Operational security controls
Assume breach
Incident response
Software Development Lifecycle (SDL)
Windows Azure 12
24 hour monitored physical security
System monitoring and logging
Patch management
Anti-Virus/Anti-Malware protection
Intrusion detection/DDoS
Penetration testing
Dedicated US government cloud
Infrastructure protection
Windows Azure
Network protection
Encrypted connections
Virtual Networks
ExpressRoute
Network isolation
Windows Azure 14
Enterprise cloud identity – Windows Azure AD
Access monitoring
Single sign-on
Multi-Factor Authentication
Role based access controls
Identity & access
Windows Azure 15
Encrypted data transfer
Encryption options for stored data
Data segregation
Choice of data location
Data redundancy
Data destruction
Data protection
Windows Azure
Privacy
Our vision is to be the national leader in patient-centered e-healthcare.… Using Windows Azure as our delivery system provides us with a level of trust and reliability that makes this possible.”
Windows Azure 1010101010101010101010101010101010101010101010101010
1010101010101010101010101010
10101010101010101010101010101010
Contractualcommitments
Restricted data access and use
No use for advertising
Privacy by Design
Privacy by design
Windows Azure
Compliance
Windows Azure was attractive because it has built-in capabilities for compliance with a wide range of regulations and privacy mandates.”
Windows Azure
ISO 27001 SOC 1 Type 2SOC 2 Type 2
FedRAMP/FISMAPCI DSS Level 1UK G-CloudHIPAA/HITECH
Information security standards
Effective controls
Government
& industry certifications
Simplified compliance
Windows Azure
Unified platform for modern business
Microsoft commitment
Enhance Security
Protect Privacy
Simplify Compliance
Windows Azure 21
Trusted by leading companies
Windows Azure
Get started today! Talk to a Microsoft security expert
Explore additional resources: Microsoft Trust Center for Windows Azure: http://
www.windowsazure.com/en-us/support/trust-center
Trustworthy Computing Cloud Services: www.microsoft.com/trustedcloud
Windows Azure
© 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.