Microsoft Talks About Trust and Security in Their Cloud Services

As privacy and data continue to be in the forefront of the news these days trust levels in our data stored in cloud services is very important. Microsoft is talking about that trust.

Richard Hay, Senior Content Producer

March 21, 2016

3 Min Read
Microsoft Talks About Trust and Security in Their Cloud Services

Most of you keep up with the constant flow of news relating to data, privacy and security.

The decision to move to cloud based services is a big one for any organization. Reliability is crucial but, as Microsoft states today, "Managing the volume, variety, and disparate sources of data generated through mobile devices and other activities is a global challenge for enterprise."

You would expect that a discussion about the privacy and control of The Trusted Cloud would originate from within Microsoft's OneDrive team but today's blog post is coming from the Cyber Trust team.

They begin by referencing a December 2015 Intralinks survey that discovered only about half of the companies use any type of policy or control to dictate access to customer and enterprise data.

With 78% of those surveyed planning to use cloud and Software as a Service software programs for storing sensitive and regulated data that leaves a lot of work to be done.

According to Microsoft privacy and access have to be approached together:

"Data privacy and access control must be taken together because it’s impossible to meaningfully achieve the one without robustly addressing the other. An organization may set up its cloud with the world’s best security to keep data private, but then fail to use access control policies effectively to prevent data leaks or unauthorized access. From both a technological and a privacy perspective, CIOs and IT leaders must pay attention to how, when, where, and by whom their company’s petabytes may be legitimately accessed. Moreover, they need to manage access control to ensure compliance from legal, risk management, and regulatory standpoints."

Microsoft views privacy and control in their Trusted Cloud under the following points:

You own your data, not us. When you use a Microsoft cloud service, you keep the ability to take your data with you when you terminate an agreement. When a subscription expires or you terminate your contract, Microsoft follows a 90-day retention policy and strict standards for overwriting storage before reuse.

Your data is not used for marketing. Our enterprise business model is not based on exploiting customer data. We do not use your data for purposes such as advertising that are unrelated to providing the cloud service.

We don’t use standing access.   We’ve engineered our cloud services so that the majority of operations are fully automated. Only a small set of activities require human involvement; access to your data by Microsoft personnel is granted only when necessary for support or operations, then revoked when no longer needed.

You can choose your datacenter location. Depending on which Microsoft cloud services you have, you may have flexibility in choosing where your data physically resides. Your data may be replicated for redundancy within the geographic area, but not transmitted outside it.

We protect data from government surveillance. Over several years, we’ve expanded encryption across all our services and reinforced legal protections for customer data. And we’ve enhanced transparency so that you can be assured that Microsoft does not build “back doors” into our products and services, nor do we provide any government with direct or unfettered access to customer data.

Law enforcement requests must go through you. Microsoft will not disclose your data to a third party except as you direct or as required by law. We’ll attempt to redirect third parties to request customer data directly from the data owner.

If you want to learn more about Microsoft's Trusted Cloud princicples, hear from company leaders such as the CEO Satya Nadella and President Brad Smith just visit the Microsoft Trusted Cloud portal for white papers, videos, webinars and several related company blogs.

But, wait...there's probably more so be sure to follow me on Twitter and Google+.

----------

Looking for an awesome, no-nonsense technical conference for IT Pros, Devs, and Devops? Check out IT/Dev Connections!

IT/Dev Connections

About the Author

Richard Hay

Senior Content Producer, IT Pro Today (Informa Tech)

I served for 29 plus years in the U.S. Navy and retired as a Master Chief Petty Officer in November 2011. My work background in the Navy was telecommunications related so my hobby of computers fit well with what I did for the Navy. I consider myself a tech geek and enjoy most things in that arena.

My first website – AnotherWin95.com – came online in 1995. Back then I used GeoCities Web Hosting for it and WindowsObserver.com is the result of the work I have done on that site since 1995.

In January 2010 my community contributions were recognized by Microsoft when I received my first Most Valuable Professional (MVP) Award for the Windows Operating System. Since then I have been renewed as a Microsoft MVP each subsequent year since that initial award. I am also a member of the inaugural group of Windows Insider MVPs which began in 2016.

I previously hosted the Observed Tech PODCAST for 10 years and 317 episodes and now host a new podcast called Faith, Tech, and Space. 

I began contributing to Penton Technology websites in January 2015 and in April 2017 I was hired as the Senior Content Producer for Penton Technology which is now Informa Tech. In that role, I contribute to ITPro Today and cover operating systems, enterprise technology, and productivity.

https://twitter.com/winobs

Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.

You May Also Like