How does Azure deal with privacy, security and compliance?
Data security is growing importance. As an organization, you’re obliged – including under strict regulations – to handle your data with care. You don’t want your data to end up in the wrong hands either.
That’s why Microsoft Azure is based on a number of foundational principles that help protect data: security, privacy, compliance, and disaster recovery.
Microsoft employs some 3,500 security experts and spends 1 billion dollars a year on security research and development. As an organization with an on-premise environment, you can’t compete with that. In this article, we’ll focus on how Azure deals with issues such as privacy, security, and compliance.
With the Compliance Manager tool, you can manage your organization’s compliance activities from a single location. The tool supports you in complying with complex compliance obligations. For instance, you can carry out continuous risk assessments, giving you insight into your organization’s compliance status and allowing you to improve it where possible.
Your organization may be affected by a data breach or other disaster. Azure provides resilience for Cloud-based applications and data by ensuring business continuity in a number of ways. Should anything happen, Azure offers a built-in backup and Disaster Recovery solution.
Shared Responsibility with Azure
Azure is based on shared responsibility for data protection, with Microsoft assuming a certain responsibility depending on the Cloud service you use.
If you continue to work on-premise, then your organization needs to secure its entire IT environment itself. As you move from IaaS to PaaS to SaaS, Microsoft takes on more responsibility (see image below).
Microsoft offers various tools for the part that your organization is responsible for. These tools include:
Everything in Azure is encrypted by default, but you can make the encryption stronger. Many network encryption options are available that provide additional security for network data.
Azure Active Directory
Azure Active Directory is a Cloud-based directory and identity management service built for applications in the Cloud. Identity-driven security (e.g. single sign-on and multifactor authentication) ensures that you’re protected against 99.9% of cybersecurity attacks.
Azure Key Vault
Good key management is an important part of protecting your data in the Cloud. Key Vault helps improve the security of keys and passwords used by apps and services in the Cloud.
Azure Security Center
The Azure Security Center is the place where you manage security for your IT environment. The Security Center provides recommendations and sends threat alerts for your workloads. This allows you to quickly and accurately remedy your organization’s security status.
Our Microsoft Azure Cloud Essentials workshop will tell you more about these topics. You can attend our workshop for free. Feel free to contact us or sign up here.