Making your data residency choices easier with Azure

18 Haziran, 2020 tarihinde gönderildi

Director International Expansion Engineering, Azure Global

Azure is now available in over 140 countries and offers customers more than 60 datacenter regions worldwide (and growing) from which to choose. These Azure regions provide customers with the benefits of data residency and latency optimization and may enable regional compliance.

We understand that with Azure’s over 200 services, advances in architecture, and data protection promises, there are a lot of options available to customers. To help you make the right decisions, we have summarized the answers to your questions on Azure regions, data residency, data access, and retention. Download the white paper, Enabling Data Residency and Data Protection in Azure Regions to learn more.

When customers move workloads to Azure, they face a number of choices, such as datacenter regions, high availability (HA) and disaster recovery (DR) architecture, and encryption models. To make the right decisions, customer need to consider both technical and regulatory requirements. To optimize latency, customers should determine the appropriate region based on the location of their users or customer base.

For regulatory compliance considerations, data residency considerations may support or even mandate the physical locations where data can be stored, and how and when it can be transferred internationally. These regulations can differ significantly depending on jurisdiction. Azure’s regions and service features provide customers with different avenues so they can select and limit data residency and data access. This enables customers in regulated industries to successfully run mission-critical workloads in the cloud and leverage all the advantages of the Microsoft hyperscale cloud.

The purpose of the white paper is to give customer-specific guidance in navigating these decisions, including:

  • Understanding Azure’s regional infrastructure, including high availability, availability zones, disaster recovery, latency, and service availability considerations, and how to make optimal architecture decisions.
  • Data residency assurances and how customers can control data residency. Most Azure services are deployed regionally and enable the customer to specify the region into which the service will be deployed and control where the customer data will be stored. Certain services and regions have some exceptions and limitations to these rules, which are outlined fully in the white paper.
  • Data access to telemetry data, including elevated access for support data, and how customers can manage data access. The collection and use of telemetry and support data issues  has raised questions from some of our customers, and the white paper provides detailed answers.
  • How Microsoft protects customer data from unauthorized access and how Microsoft handles government requests, including implications of the Cloud ACT. Customers have asked us for specific details about when Microsoft engineers may access data and how we respond to government requests for data. The white paper provides clarity.
  • Tools customers can use to protect from unauthorized and authorized data access. Customers have a wealth of tools available to restrict, protect, and encrypt data at rest, in transit, and in some cases, in use.
  • Data retention and deletion. The white paper details Microsoft’s policies and practices for the retention and disposal of customer data.

We appreciate all of the feedback and questions we have received from customers regarding data residency and data protection in recent months, and we will continue to strive to provide you the most complete and current answers we can, so expect this white paper to be updated in the future.

Cover of the Enabling Data Residency and Data Protection in Azure Regions white paper.

Download Enabling Data Residency and Data Protection in Azure Regions, and visit Azure Global Infrastructure and Microsoft Trust Center to learn more.