Windows Azure has many well-known security attributes, but Microsoft also uses several lesser-known measures to keep its cloud platform secure.
A blog post on the Lifehacker website highlights several aspects of Windows Azure that you might not be aware of. Here are the top five lesser-known security measures.
- Azure data center tours: Customers are allowed to tour Windows Azure data centers, enabling them to see for themselves the multiple layers of security. Customers usually are apprehensive about security at data centers. The ability to actually tour the Azure data centers is an important factor in making people feel more comfortable about storing information in the cloud. Visitors’ presence on site doesn’t present a security risk because they have no access to Azure data.
- Strict rules for Microsoft staff: Microsoft requires its own employees to adhere to strict standards, including those working directly on Azure code. Many companies may have barriers set up for external vendor access, but do not have the same barriers for internal workers. At Azure data centers, Microsoft workers can gain access to the systems only if they follow strict security protocols. Having tight internal security is a big component of Azure security.
- Careful provisioning: Windows Azure customers do not have direct access to the storage, which has to be overwritten before being provisioned. And that provisioning is done carefully. That these are Microsoft data centers running Microsoft products should provide an extra sense of security. Microsoft has control over the whole lifecycle of the products, so customers don’t need to worry about different standards of protection as they do with systems that use components with different levels of security.
- Penetration testing occurs often: Microsoft regularly performs penetration testing to ensure the system stays safe and that no security flaws have emerged. “We also hire independent third-party firms to do pen testing on the platform services,” Stevan Vidich, director of Windows Azure marketing, tells Lifehacker.
- Shred it and forget it: Old drives that must be retired go through a seven-phase erasure process before being destroyed to ensure that a company’s data cannot be recovered from them. “Those drives which cannot spin we will physically shred and pulverize,” Vidich adds in the Lifehacker article.
Source: Lifehacker, April 2013