Story image

Can the cloud be secure?

05 Aug 13

Can we build a truly secure cloud?

“It’s a challenging goal,” says Adrienne Hall, general manager of Trustworthy Computing at Microsoft.

Posting on Microsoft's official blog website, Hall says security is an important consideration for organisations looking to tap the cloud’s cost savings, flexibility and scalability.

"People want to know if the cloud vendor they choose can keep their data secure and readily available, while effectively managing any unexpected events," she says.

At Microsoft, Hall says the company focuses on three main areas to build customer trust in our cloud offerings:


Hall claims all Microsoft products and services are designed and built from the ground up using Microsoft’s Security Development Lifecycle (SDL).

"All products must pass a final security review before they are released," she says.

"Whether it’s our Windows Azure cloud platform, server products like Hyper-V, or application suites like Office 365 and Microsoft Dynamics CRM."


"We design and build our datacenters to meet internationally recognised standards, regional laws, and our own stringent security and privacy policies," Hall says. "This includes detailed security controls across multiple layers of defense.

"Our datacenter infrastructure has achieved a range of certifications and attestations, including ISO 27001, PCI Data Security Standard, SAS 70 Type 2, EU Model Clauses, U.S. HIPPAA BAA and Federal Information Security Management Act (FISMA).

Incident Response:

No matter how secure or reliable we make our products, unexpected situations occur admits Hall. When they do, Hall says Microsoft mobilises significant global resources to respond quickly, comprehensively, and effectively to incidents.

"All that said, it’s important to remember that organisations that choose the cloud are not devolving 100 percent of their security responsibilities," she says.

"The cloud service provider will take on a great many security responsibilities, but not all of them.

"Customers will typically need to maintain “client security” at their own locations or among their workforce – ensuring up to date antivirus, for example, or educating employees on the importance of using strong passwords."

Can businesses build a truly secure cloud? Tell us your thoughts below

QNAP introduces new 10GbE and Thunderbolt 3 NAS series
The new series is supposedly an all-in-one NAS solution for file storage, backup, sharing, synchronisation and centralised management. 
Tensions on the rise after Huawei CFO arrest
“Recently our corporate CFO, Meng Wanzhou, was provisionally detained by the Canadian authorities on behalf of the United States of America."
CyrusOne investing in new Amsterdam data centre
CyrusOne is continuing its rapid and relentless investment into Europe, with news emerging of a new facility in the Netherlands.
HPE to supply tech to Formula E racing team
“At HPE, we believe the future belongs to the fast, and we’re focused on accelerating what’s next for enterprises, including in the world of auto racing."
Why the future of IT infrastructure is always on and always available
As more organisations embrace digital business, infrastructure and operations leaders will need to evolve their strategies and skills to keep up.
Digital transformation in Europe a €333b business
IDC has shared its forecast for digital transformation spending in Europe, which looks to be a very profitable industry.
Is the on-premises data centre really going to ‘die’?
Gartner certainly thinks so, as it expects the sheer majority of enterprises to have binned their on-premises facility by 2025.
HPE announces financial results for the fourth quarter of 2018
“As we close my first fiscal year as CEO, I am incredibly proud of where we stand in the marketplace."