Windows Azure Security, Privacy, &

ComplianceYour name goes here

Your title goes here

Windows Azure

430B+ Windows Azure AD authentications

280% year-over-year database growth in Windows Azure

50%of Fortune 500 use Windows Azure

$25,000in the cloud would cost $100,000 on premises(Microsoft Azure BI Team, STMG Proof Points Central)

EconomicsScale

30,000

to

250,000

Scale from

site visitors instantly(Case Study: Autocosmos)

2

weeksto deliver new services vs. 6-12 months with traditional solution(Case Study: HarperCollins Publishers)

Speed

Technology trends: driving cloud adoption

4

of CIOs will embrace a cloud-first strategy in 2016

(IDC CIO Agenda webinar)

Cloud Trend:

70%

BENEFITS

WINDOWS AZURE ADOPTION

Windows Azure

Pre-adoption concern

60%cited concerns around data security as a barrier to adoption

45%concerned that the cloud would result in a lack of data control 

Benefits realized

94%experienced security benefits they didn’t previously have on-premise

62%said privacy protection increased as a result of moving to the cloud

Cloud innovation OPPORTUNITY FOR SECURITY & COMPLIANCE BENEFITS

SECURITY

• Design/Operation

• Infrastructure• Network• Identity/access• Data

PRIVACY

COMPLIANCE

Windows Azure

Trustworthy foundationBUILT ON MICROSOFT EXPERIENCE AND INNOVATION

Trustworthy ComputingInitiative

Security Development

LifecycleGlobal Data Center

Services

Malware Protection

Center

Microsoft SecurityResponse Center

Windows Update

1st Microsoft

Data Center Active

Directory SOC 1

CSA Cloud Controls Matrix PCI DSS

Level 1

FedRAMP/FISMA

UK G-Cloud Level 2

ISO/IEC 27001:2005

HIPAA/HITECH

Digital Crimes Unit

SOC 2

E.U. Data Protection Directive

1989 1995 2000 2005 2010

Windows Azure

Shared responsibilityREDUCE SECURITY COSTS + MAINTAIN FLEXIBILITY, ACCESS, & CONTROL

Customer Microsoft

On-Premises IaaS PaaS SaaS

Storage

Servers

Networking

O/S

Middleware

Virtualization

Data

Applications

Runtime

Windows Azure

Transparency & independent verification

8

Best practices and guidance

Third-party verification

Cloud Security Alliance

Security intelligence

report

Compliance packages

Trust Center

Access to audit reports

Security Response

Center progress report

AID CUSTOMERS IN MEETING SECURITY & COMPLIANCE OBLIGATIONS

Windows Azure 9

Security

Microsoft approach in action

CompliancePrivacy

Windows Azure 10

Security

We chose Azure because all things being equal, it is the easiest cloud platform to work with. Security and patching is already taken care of, so it is less labour-intensive.

Windows Azure

Security at the core

Operational security controls

Assume breach

Incident response

Software Development Lifecycle (SDL)

Windows Azure 12

24 hour monitored physical security

System monitoring and logging

Patch management

Anti-Virus/Anti-Malware protection

Intrusion detection/DDoS

Penetration testing

Dedicated US government cloud

Infrastructure protection

Windows Azure

Network protection

Encrypted connections

Virtual Networks

ExpressRoute

Network isolation

Windows Azure 14

Enterprise cloud identity – Windows Azure AD

Access monitoring

Single sign-on

Multi-Factor Authentication

Role based access controls

Identity & access

Windows Azure 15

Encrypted data transfer

Encryption options for stored data

Data segregation

Choice of data location

Data redundancy

Data destruction

Data protection

Windows Azure

Privacy

Our vision is to be the national leader in patient-centered e-healthcare.… Using Windows Azure as our delivery system provides us with a level of trust and reliability that makes this possible.

Windows Azure 1010101010101010101010101010101010101010101010101010

1010101010101010101010101010

10101010101010101010101010101010

Contractualcommitments

Restricted data access and use

No use for advertising

Privacy by Design

Privacy by design

Windows Azure

Compliance

Windows Azure was attractive because it has built-in capabilities for compliance with a wide range of regulations and privacy mandates.

Windows Azure

ISO 27001 SOC 1 Type 2SOC 2 Type 2

FedRAMP/FISMAPCI DSS Level 1UK G-CloudHIPAA/HITECH

Information security standards

Effective controls

Government

& industry certifications

Simplified compliance

Windows Azure

Unified platform for modern business

Microsoft commitment

Enhance Security

Protect Privacy

Simplify Compliance

Windows Azure 21

Trusted by leading companies

Windows Azure

Get started today! Talk to a Microsoft security expert

Explore additional resources: Microsoft Trust Center for Windows Azure: http://

www.windowsazure.com/en-us/support/trust-center

Trustworthy Computing Cloud Services: www.microsoft.com/trustedcloud

Windows Azure

© 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.