Note: The information in this blog post and the white paper it refers to is outdated and should no longer be used.
In the meantime, Microsoft has published several white papers that provide comprehensive information about various security and compliance aspects of Azure:
- Please have a look at our Azure Security Information site. There you will find details about key Azure security concepts such as Azure network security, Azure storage security, and Azure virtual machine (compute) security.
- At the Microsoft Trust Center we offer a wealth of resources for legal and compliance professionals who need current information on standards and regulatory compliance for cloud computing. There you can find white papers such as CJIS Implementation Guidelines for Azure Government, Office 365 Government, and Dynamics CRM Online Government, a FERPA Implementation Guide for Microsoft Azure, and information about the Microsoft Cloud Germany for commercial customers in the European Union (EU) and European Free Trade Association (EFTA). These white papers were created as guidance to help customers understand local laws and governance issues, share our knowledge about compliance and privacy aspects, and provide insight into the local regulatory requirements when deploying to the cloud.
Windows Azure must provide confidentiality, integrity, and availability of customer data, while also enabling transparent accountability. To help customers better understand the array of security controls implemented within Windows Azure from both the customer's and Microsoft operations' perspectives, a new white paper, “Windows Azure Security Overview”, has just been released that provides a comprehensive look at the security available with Windows Azure. Written by Charlie Kaufman and Ramanathan Venkatapathy, the paper provides a technical examination of the security functionality available from both the customer's and Microsoft operations' perspectives, the people and processes that help make Windows Azure more secure, as well as a brief discussion about compliance.