For too long, cloud computing has unfairly suffered from the misconception of being inherently unsecure.
Even after years of investment and development, survey respondents still have concerns over cybersecurity and privacy in cloud environments.
The team at Sagiss have collectively spent years working with various cloud platforms, with a recent focus on Microsoft Azure in particular. The data shows that today’s cloud technology, and Microsoft Azure in particular, will meet or exceed any organization’s cybersecurity requirements.
Would you to move your business to the cloud, but still have security concerns? Read on as we address the most common security concerns about using Azure for business. Still have questions about the cloud? Stay tuned as we continue to add to this guide. Also , feel free to call us directly, or submit a request for a free consultation and we'll reach out within one business day!
Azure Cybersecurity FAQ
1. Can Microsoft Azure staff access my data?
No. In fact, Microsoft claims their staff have no standing access to a customer’s data or virtual machines within Azure. They specify that staff may only access a customer’s Azure resources in the event the customer requests technical support.
As a further security and privacy measure, Microsoft technicians working in Azure operate according to the principle of “least privilege”. This means they are only given access to the specific files and tools needed to address the support request. After the support issue has been resolved, Microsoft’s access to that customer’s virtual machine is once again turned off. Any support technician within Azure must also log in using 2-factor authentication. This is done to prevent fraudsters and other malicious characters from impersonating Microsoft personnel.
Finally, the Azure Key Vault provides customers with the tools to encrypt their files, and also manage access to that encrypted data. This means that customers are able to secure any data they store within Azure’s cloud.
2. Can law enforcement access my data?
According to Microsoft, they will not disclose customer data to a third party (including law enforcement, other government entity or civil litigant) except as you direct or required by law. In an effort to provide transparency about the nature of information requests submitted to Microsoft by law enforcement, Microsoft biannually publishes it’s Law Enforcement Request Report.
3. My business is subject to regulatory requirements. Should we still use Azure?
Yes! Azure is an ideal cloud platform for any organization subject to heavy regulatory compliance requirements! This is because Azure boasts the largest portfolio of compliance certifications of any cloud provider. This list of compliances includes HIPAA, FERPA, SOC 1 & 2, ISO, and many others.
That being said, it is important to remember that these compliance certifications only cover the infrastructure itself. Ultimately, it is the customers responsibility to use the infrastructure in a compliant-manner. Azure is a complex platform with many options to configure. In order to ensure your Azure resources handle personal information correctly, speak to an expert technology provider with experience configuring virtual machines in Azure.
4. How does Azure detect cyberthreats?
Microsoft spends over $1 billion per year on security, and conducts regular penetration testing of its systems. Azure also provides big data analysis of logs for intrusion detection and prevention for the platform. This enable Azure to identify and filter out the most cutting-ege cyber threats.
As a result, the Azure platform has become particularly robust. According to Microsoft, the Azure platform successfully deflects over 300 DDoS attacks per day!
5. Where in the world does my data live?
Wherever you'd like! Azure runs on a global network of data centers, each of which is assigned to support one of 36 regions around the world. Customers explicitly control geographic placement of their assets, according to their sovereignty, security, compliance and/or latency polices. Azure also provides central policy controls to allow/disallow specific geographies for all Azure services. This means that you, the customer, decide where in the world your data is to be stored.
Looking for more information on Azure? Stay tuned as we add to this guide over time. Further Reading: