Azure security and Compliance

Editor's Notes

1. Slide script: Thank you for taking the time today to walk through an end-to-end tour of Azure Security- the intensive and extensive work we’re doing to deliver a cloud you can trust. We’ll focus first on the work we do to secure the platform, and then we’ll cover all of the options we provide to empower you to meet your security requirements.
2. Topline point: hard and fast rule – every software team goes through this, every release – it’s also embedded in our internal governance. Slide script: The Microsoft Security Development Lifecycle (SDL) is a set of processes and tools designed to minimize the number and severity of vulnerabilities in software products. It encompasses education of development personnel, secure development processes, and accountability of individuals and product teams, all for the building of more consistently secure software. Azure uses the SDL to systematically address security threats throughout the development process: through threat modeling during the design process; following development best practices and code security standards during coding; and requiring the use of various tools for testing and verification before deployment. These proactive checks during development make software less vulnerable to potential threats after release, and the SDL provides a structured and consistent methodology through which to apply them. These methodologies, which are supported by an executive commitment to security, have helped Microsoft develop more secure software.
3. Slide script: The security controls and risk management processes Microsoft has in place to secure the cloud infrastructure reduce the risk of security incidents, but in the event an incident occurs, the Security Incident Management (SIM) team within the Microsoft Online Security Services & Compliance (OSSC) team is ready 24 hours a day, every day to respond. SIM’s mission is to quickly and accurately assess and mitigate computer security incidents involving Microsoft's Online Services, while managing the necessary internal and customer communications. When events are detected, a 9-step process is kicked off that focuses first on containment and recovery. Customers notification is a key part of this process. Customers notification is a key part of this process. Microsoft Azure provides coordination of forensic analysis, evaluation of logs, and VHD images in the event of platform-level incident. Azure also works with customers to provide log data to help them respond to threats. AZURE: Leverages a 9-step incident response process Focuses on containment & recovery Analyzes logs and VHD images in the event of platform-level incident and provides forensics information to customers when needed Makes contractual commitments regarding customer notification
4. 72 certificates as of Jan 2018
5. Microsoft Trust Center: https://www.microsoft.com/en-us/trustcenter
6. Azure Security Documentation: https://aka.ms/myASIS
7. P2
8. Slide title: Data protection Slide objectives: Provide an overview of Azure data protection. Slide script: Both technological safeguards, such as encrypted communications, and operation processes help keep customer data secure. Customers have the flexibility to implement additional encryption and manage their own keys. Data isolation. Azure is a multi-tenant service, meaning that multiple customers’ deployments and virtual machines are stored on the same physical hardware. Azure uses logical isolation to segregate each customer’s data from that of others. This provides the scale and economic benefits of multitenant services while rigorously preventing customers from accessing one another’s data. Data at rest. Customers are responsible for ensuring that data stored in Azure is encrypted in accordance with their standards. Azure offers a wide range of encryption capabilities, giving customers the flexibility to choose the solution that best meets their needs. Data in transit. For data in transit, customers can enable encryption for traffic between their own VMs and end users. Azure protects data in transit to or from outside components, as well as data in transit internally, such as between two virtual networks. Azure uses industry standard transport protocols such as TLS between user devices and Microsoft datacenters, and within datacenters themselves. Encryption management. Encryption of data in storage and in transit can be used by Azure customers align with best practices for ensuring confidentiality and integrity of data. It is straightforward for customers to configure their Azure cloud services to use SSL to protect communications from the Internet and even between their Azure hosted VMs. Data redundancy. Microsoft ensures data is protected in the event of a cyberattack or physical damage to a datacenter. Customers may opt for in-country storage for compliance or latency considerations or out-of-country storage for security or disaster recovery purposes. Data may be replicated within a selected geographic area for redundancy, but will not be transmitted outside it. When you create your storage account, you must select one of the following replication options: •Locally redundant storage (LRS). Locally redundant storage maintains three copies of your data. LRS is replicated three times within a single facility in a single region. LRS protects your data from normal hardware failures, but not from the failure of a single facility. •Zone-redundant storage (ZRS). Zone-redundant storage maintains three copies of your data. ZRS is replicated three times across two to three facilities, either within a single region or across two regions, providing higher durability than LRS. ZRS ensures that your data is durable within a single region. •Geo-redundant storage (GRS). Geo-redundant storage is enabled for your storage account by default when you create it. GRS maintains six copies of your data. With GRS, your data is replicated three times within the primary region, and is also replicated three times in a secondary region hundreds of miles away from the primary region, providing the highest level of durability. In the event of a failure at the primary region, Azure Storage will failover to the secondary region. GRS ensures that your data is durable in two separate regions. Data destruction. When customers delete data or leave Azure, Microsoft follows strict standards for overwriting storage resources before reuse, as well physical destruction of decommissioned hardware. Microsoft executes a complete deletion of data on customer request and on contract termination.
9. Key point – patch management as a service – this gets done for you! Slide script: Security patches help protect systems from known vulnerabilities. Integrated deployment systems manage the distribution and installation of security updates for the Azure service. Customers can apply similar update management processes for virtual machines (VMs) deployed on Azure. AZURE: Microsoft Azure works with MSRC to identify when patch releases are required, and applies patches immediately or during a scheduled release to the Microsoft Azure environment based on the severity. Microsoft Azure is notified by the Microsoft Security Response Center (MSRC) and Microsoft Online Security Services & Compliance (OSSC) teams upon identification of updates applicable to Azure environment. This includes the notification of the latest patches released. Microsoft Azure works with MSRC and evaluates patch releases to determine applicability and impact to the Microsoft Azure environment and customers. The applicable security patches are released through the periodic OS release cycle in accordance with change and release management procedures. Emergency out-of-band security patches (e.g., Software Security Incident Response Process (SSIRP) patches) are expedited for more immediate release. The patches are automatically applied to the customers’ Guest VMs unless the customer has configured the VM for manual upgrades. In this case, the customer is responsible for patching.   Microsoft Azure follows a change process to modify the underlying OS within the platform. All changes are reviewed and tested, at a minimum, for their quality, performance, impact on other systems, recovery objectives and security features before they are moved into production using the Microsoft Azure Release process. Microsoft Azure has established test windows for reviewing and testing of new features, changes to existing features and patches.   CUSTOMERS: Customers apply patches to their Virtual Machines using Systems Center or whatever other processes they use on-premises.