In today’s complex and regulated environment, businesses need to focus on building secure solutions in the cloud that
deliver value to their customers, partners, and shareholders—rather than on the infrastructure to make it run. Cloud
computing offers an opportunity to transfer some of the cost, risk, and effort of managing IT platforms and software
to an independent, validated provider.
Microsoft has decades-long experience building enterprise software and running some of the largest online services in
the world. We have leveraged this experience to implement and continuously improve security-aware software development,
operational management, and threat mitigation practices that are essential to the strong protection of services and
data in the cloud.
Security is built into the Microsoft Cloud from the ground up, starting with the
Security Development Lifecycle, a mandatory development process that embeds security requirements into every phase of the development
process. We help ensure that the Microsoft Cloud is protected at the physical, network, host, application, and data
layers so that our online services are resilient to attack. Continuous proactive monitoring, penetration testing, and
the application of rigorous security guidelines and operational processes further increase the level of detection and
protection throughout the Microsoft Cloud.
Microsoft has made major investments in cloud security in the following areas.
- Design and operational security
Microsoft Cloud security begins with a trustworthy technology foundation. Microsoft designs its software for security from the ground up and helps ensure that the cloud infrastructure is resilient to attack. We use an “assume breach” stance as a security strategy, and our global incident-response team works around the clock to mitigate the effects of any attacks against the Microsoft Cloud. These practices are backed by centers of excellence that fight digital crime, respond to security incidents and vulnerabilities in Microsoft software, and combat malware.
Technological safeguards, such as encrypted communications and operational processes, enhance the security of our customers’ data. For data in transit, the Microsoft Cloud uses industry-standard encrypted transport protocols between user devices and Microsoft datacenters, and within datacenters themselves. For data at rest, the Microsoft Cloud offers a wide range of encryption capabilities up to AES-256, giving you the flexibility to choose the solution that best meets your needs.
- Identity and access management
Azure Active Directory is a comprehensive identity and access management cloud solution that helps secure access to your data and on-premises and cloud applications, and simplifies the management of users and groups. It combines core directory services, advanced identity governance, security, and application access management, and is a key component of Microsoft Cloud services, including Microsoft Azure, Microsoft Dynamics CRM Online, Microsoft Intune, and Microsoft Office 365 as well as thousands of third-party SaaS apps. Azure Active Directory also makes it easy for developers to build policy-based identity management into their applications.
- Security Development Lifecycle
Microsoft recognizes that focusing on security as a core component in the software development process can reduce the risk of costly issues, improve the security and privacy of infrastructure and applications, and protect data in the Microsoft Cloud. The SDL is composed of proven security practices that consist of multiple phases in which core software assurance activities are defined.
Get the specifics about the robust security at the core of each Microsoft cloud service: