Is Windows Azure Secure?

Tuesday, March 30, 2010

Windows Azure (WA) provides lots of great reasons to use cloud computing. Still, one concern will cross the mind of every person who is considering it: security. Traditionally, one of the reasons a company or government entity may want to have all of their software running within their own network is security. The money spent on hardware and maintenance may be worth the cost to know exactly how the data that they are serving up and storing is secured. I imagine that no IT manager will be ready to move their operations out to any cloud, including Windows Azure, without understanding how both the code and the data that they are trusting the cloud to run are secured.

So how do they secure the data?

Security actually happens at several levels. The easiest to understand is the physical security that is provided at each of Microsoft's datacenters. Each instance of Windows Azure runs in its own virtual machine on a Windows Server 2008 server. The datacenters are maintained and secured by Global Foundation Services (GFS), the division that manages all of the clouds that Microsoft uses, including Windows Live and MSDN. Security provided at each datacenter includes locks, cameras, biometric devices, card readers and alarms, as well as firewalls, application gateways and IDS to protect the network. The datacenters are also subjected to PCI scans to ensure security.

On top of the physical precautions that are taken, a team has been created within GFS to manage the always-changing security requirements. The Online Services Security and Compliance Team works with businesses, industry officials and government officials to make sure that the Microsoft clouds are in accordance with industry security specifications. An in-depth description of the GFS standards can be found here.

At the application level there are two different roles that can be used. The first role is the Worker Role, which does not have IIS running on its VM. It can send information out, but cannot take information in. The second role is the Web Role, which has IIS running and can both take in and send information. Application security is for the most part left to each individual application: the encryption of data, as well as any other security design decision, is up to the application.

Overall, the Windows Azure platform is very secure and leaves a lot of security decisions to each individual application!
