Five lessons from Microsoft on cloud security
The article gives some good recognition to Microsoft for its solutions “in the cloud” over 300 Products and Services delivered securely and reliably
While Google, Amazon, and Salesforce.com have gotten the most attention as cloud service providers, Microsoft — with its 300 products and services delivered from its datacenters — has a large cloud bank all its own.
In May, the company released a paper on its approach to cloud services and how the company plans to secure those services. The paper — penned by Microsoft’s Global Foundation Services, the group responsible for overseeing the company’s software-as-a-service infrastructure — spells out the current dangers for online services, including a growing interdependence between customers and the companies that serve them and more sophisticated attacks on Internet services.
Microsoft argues that its approach to security, which it carved out with its Trustworthy Computing Initiative in 2002, works as well for online services, with some modification.
"If I take the traditional security principles, that hasn’t changed in terms of discipline and approach," said Charlie McNerney, general manager for business and risk management at Microsoft’s GFS. "What has expanded is the amount of controls we have applied."
In recent interviews, McNerney and other cloud providers shared their thoughts on Microsoft’s approach to securing cloud services and the data centers that power such services.
1. Discuss risk with customers
2. Pay attention to compliance
3. Better standards needed
4. Privacy and security are not so different
5. Don’t generalize on cloud security
Continue at source for the details on the 5 topics discussed :