3. Microsoft Azure
$25,000
in the cloud would cost
$100,000 on premises
Economics
Scale
30,000to
250,000
Scale from
site visitors instantly
2 weeks
to deliver new services
vs. 6-12 months with
traditional solution
Agility
Technology trends: driving cloud adoption
of CIOs will embrace a
cloud-first strategy in 2016
(IDC CIO Agenda webinar)
Cloud Trend:
70%
Drivers
ORGANIZATIONS ARE EAGER TO REALIZE CLOUD BENEFITS
4. Microsoft Azure
Compliance
Privacy
Security
Before cloud migration concerns
Security as the main barrier
for moving to the cloud
(Microsoft comScore Survey)
Cloud Trend:
60%
Concerns
Cloud would result in lack of
data control
(Microsoft comScore Survey)
Cloud Trend:
40%
5. Microsoft Azure
Compliance
Privacy
Security
After cloud migration…
Experienced security
benefits they didn’t
previously have on-prem
(Microsoft comScore survey)
Cloud Trend:
94%
Concerns
Experienced increased
privacy and data protection
as the result of moving to
the cloud
Cloud Trend:
62%
6. Microsoft Azure
100+ Data
Centers
Trustworthy
Computing
Initiative
Security
Development
Lifecycle
Global
Data Center
Services
Malware
Protection
Center
Microsoft Security
Response Center
Windows
Update
1st
Microsoft
Data
Center
Active
Directory
SOC 1
CSA Cloud
Controls Matrix
PCI DSS
Level 1
FedRAMP/
FISMA
UK G-Cloud
Level 2
ISO/IEC
27001:2005
HIPAA/
HITECH
Digital
Crimes
Unit
SOC 2
E.U. Data
Protection
Directive
Operations
Security
Assurance
Assume
Breach
Microsoft
Azure
11. Microsoft Confidential
Control over data location
One of the top 3 networks in the world (coverage, speed, connections)
2 x AWS and 5x Google DC Footprint
Operational
Announced
CentralUS
Iowa
WestUS
California
NorthEurope
Ireland
EastUS
Virginia
EastUS2
Virginia
USGov
Virginia
NorthCentralUS
Illinois
USGov
Iowa
SouthCentralUS
T
exas
BrazilSouth
SaoPaulo
WestEurope
Netherlands
ChinaNorth
Beijing
ChinaSouth
Shanghai
JapanEast
Saitama
JapanWest
Osaka
IndiaWest
TBD
IndiaEat
TBD
EastAsia
HongKong
SEAsia
Singapore
Australia West
Melbourne
Australia East
Sydney
12. Microsoft Azure 12
Government access
No Back Doors
Enhanced Security
1010101010101010101010101010101010101010101010101010
10101010101010101010101010101010
We don’t provide any
government with direct
or unfettered access to
your data
13. Microsoft Azure 13
Government access
No Back Doors
Enhanced Security
1010101010101010101010101010101010101010101010101010
10101010101010101010101010101010
We don’t assist government
efforts to break our
encryption or provide any
government with
encryption keys used to
protect data in transit, or
stored on our servers
14. Microsoft Azure 14
Government access
No Back Doors
Enhanced Security
1010101010101010101010101010101010101010101010101010
10101010101010101010101010101010
We don’t engineer back
doors into our products
and we take steps to
ensure 3rd parties can
independently verify this.
15. Microsoft Azure 15
Government access
No Back Doors
Enhanced Security
1010101010101010101010101010101010101010101010101010
10101010101010101010101010101010
If, as press reports suggest,
governments are engaging
in broader surveillance of
communications, it is being
done without the
knowledge or involvement
of Microsoft
16. Microsoft Azure 16
Legal requests for your data
No Back Doors
Enhanced Security
1010101010101010101010101010101010101010101010101010
10101010101010101010101010101010
We will redirect third
party request to the
customer
17. Microsoft Azure 17
Legal requests for your data
No Back Doors
Enhanced Security
1010101010101010101010101010101010101010101010101010
10101010101010101010101010101010
We will promptly notify the
customer, unless legally
prohibited from doing so,
and if prohibited, will
challenge the request in
court
18. Microsoft Azure 18
Legal requests for your data
No Back Doors
Enhanced Security
1010101010101010101010101010101010101010101010101010
10101010101010101010101010101010
We will fight legal
demands for customer
data stored in another
country
19. Microsoft Azure 19
Transparency
Enhanced Security
1010101010101010101010101010101010101010101010101010
10101010101010101010101010101010
We will fight legal
demands for customer
data stored in another
country
http://www.microsoft.com/about/corporatecitizenship/en-us/reporting/transparency/
20. Microsoft Azure 20
Recognized for its commitments
https://www.eff.org/who-has-your-back-government-data-requests-2014
21. ISO/IEC 27001 SOC 1 SOC 2 PCI DSS L1 version 3 Cloud Security Alliance
Cloud Security Matrix
HIPAA
(Healthcare)
FedRAMP FIPS 140-2 Life Sciences GxP Family Educational
Rights & Privacy Act
European Union
Model Clause
China
Multi Layer Protection
Scheme
United Kingdom
G-Cloud
Singapore
Multi-Tier Cloud
Security
China
CCCPPF
Australian Signals
Directorate I-RAP
Assessment
Criminal Justice
Information System
Defense Information
Systems Agency L2
Sarbanes Oxley ITAR Defense Information
Systems Agency L3-5
ISO / IEC 27018
Simplified compliance
22. Microsoft Azure 22
Security
Network
Protection
Data
Protection
Infrastructure
protection
• 24-hour monitored
physical security
• Firewalls
• Patch management
• System monitoring
and logging
• Antivirus protection
• Threat detection
• Network Security
Group
• Virtual Networks
• Site-to-site VPN
• ExpressRoute
• Data in transit
• Data at rest
• Data segregation