Xylos brands

The 6 Azure security facts you should know

Are you considering a migration to the Microsoft Azure public cloud? Than you definitely asked yourself to following question: “How does Microsoft provide the security of my Azure infrastructure, data and applications?” In this blog, we’ll dive into 6 security insights concerning the Azure Cloud.

1. Some Azure security numbers (that might make your head spin)

I talk to a lot of customers who are considering a migration to the public cloud. One of the most common questions – if not THE most asked – is:

"Is my data secure in the cloud?"

When hearing this, I often reply with a bold statement that has raised an eyebrow more than once:

I’m sure you’re data is safer in the Azure public cloud than it is in your own private or managed datacenter.”  Before diving into the specifics and the rationale behind this, I want to offer some official numbers about security in Microsoft Azure.

  • 80% the amount of fortune 500 companies that are on the Microsoft Cloud
  • 12.000.000 the amount organizations that use Azure Active Directory as their identity
  • the amount of dollars Microsoft spends on cyber security per year. Most of this budget goes towards innovation. They don’t focus on a traditional model of staffing but focus on how they can do better
  • Microsoft defends itself against 7 Trillion cyberthreats per day. Going from attempts for password brute forcing of Live accounts, hacking attempts, phishing attempts etc.

This doesn’t mean you don’t have to do anything about security, but Microsoft Azure will do all it takes, and probably more than any of your individual customers can, to cover their part of the responsibilities.There are more fun and impressive facts to be listed, but my point is: it is all about leverage scale. With the Hyper-scale of the Azure cloud and the massive amount of users, even the seemingly big yearly budgets become a little cost when spread over 100’s of millions of users.

Below, you will find a couple of the most remarkable efforts Azure is taking to protect your data both at rest as in transit.

2. Microsoft and its own global backbone

No virtual or dark fiber circuits. In 2017, Microsoft partnered up with Facebook to put a 160 Terabits per second transatlantic cable between Bilbao, Spain and Virginia Beach, USA. More initiatives are active around the world to build a completely private global WAN that ensures performance and security for your workloads.

3. Microsoft uses Machine Learning and AI

Microsoft uses Machine Learning and Artificial Intelligence to detect and stop the cyberthreats it encounters every day. This allows Microsoft to handle this massive volume and to immediately identify new methods of attacks or anomalies in for example authentication habits of the users.

4. Full-Time Red Team Blue Team rotation

For those who are not familiar with the term: The Red Team is a group of security experts who try to find security holes and exploit it. The Blue Team tries to detect and to respond. Microsoft employs hundreds of people in these teams to actively attack all their products like Azure, Office 365, Xbox Live, etc. They switch teams every quarter. This means a Red Team member first attacks the platform it helped build, then helps improving it during his Blue Team phase. Afterwards, he goes back to the Red Team to try to breach it again. This type of penetration testing is done all the time and targeted at the platform itself to ensure it is secure and your data is too.

5. Azure is most compliant and certified Public Cloud in the world

The Azure cloud is the most trusted cloud in the world. The cloud service provider does continuous effort to gain new compliance certifications and stay compliant with the existing ones. Azure publishes the audit reports done on its datacenters in the Service Trust portal, so customers can verify that Azure adheres to security controls for: ISO 27001, ISO 27018, SOC 1, SOC 2, SOC3, FedRAMP, HITRUST, MTCS, IRAP, and many more.

6. Don’t forget your own responsibility

By putting your data in Azure, you’re obviously not carefree. You will have to do your part of the work as well. The resources you use, must be secured just like you would do on your own environment. But Azure makes a huge effort in keeping its platform safe by providing you with all the tools you need to have do your part of the job.

7. Conclusion

So, is your data safe in Azure? To me, the answer would be: “Yes”. If you implement a good governance and if you use the provided tools, your data will be safer in Azure than in your private network.

Azure puts a tremendous amount of time into virtual and physical penetration testing, applying threat detection and mitigation, educating and building tooling to enable you to protect your data on a level few enterprises can for their private network.

The migration to the public cloud has many steps. Would you like one of our experts to come and talk about your specific needs and potential roadmap? Take a look at our offer and let us know.

Share this blogpost

Also interesting for you

Leave a reply

Your email address will not be published. Required fields are marked.