We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,259 News Articles

Microsoft details Azure security features

Microsoft has added its Azure cloud platform to the Cloud Security Alliance's STAR security registry, which is a listing where cloud service providers post information about their security features.

The Security, Trust and Assurance Registry (STAR) began last year but almost six months after its launch only three companies had filled out the 170-question form that makes up STAR. Microsoft was one of the early adopters when it submitted security information for Microsoft Office 365, with cloud service providers Mimecast and Solutionary being the others. In the last month, though, there have been two additions, including Microsoft Azure and IT and cloud manager SHI International.

BACKGROUND: Cloud security registry slow to catch on 

EDITORIAL: Push your cloud supplier to participate in CSA STAR 

In the registry listing, Microsoft officials say that Azure's "core services" are ISO 27001 certified and "this work is planned for the remaining features of the platform." The "core" services, it says, refer to compute, storage, and virtual network features. Meanwhile, the company's global foundation services, which are the systems that run much of Microsoft's online services, undergo annual American Institute of Certified Public Accountants Statement of Auditing Standards (SAS) No. 70 audits. The SAS 70 audits will be replaced with Standards for Attestation Engagements No. 16 audits and International Standards for Assurance Engagements No. 3402 audits.

Some cloud watchers have expressed optimism for STAR to be a place where customers can easily compare and contrast security features from providers they may consider working with. But, to fully realize that potential, Kyle Hilgendorf, a Gartner analyst, says more companies need to sign on. CSA officials say that some big name companies, such as Google, McAfee, Verizon and Intel, have said they will contribute to STAR, but they haven't yet.

"Our customers are able to go to the STAR registry and they're able to pick up our specific security controls, they're able to dive into what we do at the data center level, all the way up through the platform level," says Kellie Ann Chainier, a cloud business manager for Microsoft, in a video posting the company released about the news.

Network World staff writer Brandon Butler covers cloud computing and social media. He can be reached at [email protected] and found on Twitter at @BButlerNWW.


IDG UK Sites

5 reasons not to wait for the Apple Watch: Why you shouldn't buy the iWatch

IDG UK Sites

Why local multiplayer gaming is rapidly vanishing: we look at the demise of split-screen and LAN...

IDG UK Sites

How Emotional Debt is damaging digital design

IDG UK Sites

How to update your iPhone or iPad to iOS 8: including how to install iOS 8 if you don't have room