microsoft azure switzerland - sav/fsacloud services from datacenter locations in the regions of...
TRANSCRIPT
Microsoft Azure Switzerland
Cloud Computing – eine EinführungWeiterbildungstage, Schweizerischer Anwaltsverband
Dr. Marc Holitscher, CTO Microsoft Schweiz31. August 2018
3
Economies of Scale
Source: Microsoft Size (Number of Servers)
TOC/
Wor
kloa
d
$ 0
$ 2,000
$ 4,000
$ 6,000
$ 8,000
100 1,000 10,000 100,000
4
• Announced plans to offer enterprise cloud services from datacenter locations in the regions of Geneva and Zurich
• Microsoft Azure, Office 365, Dynamics 365 – expected availability in 2019
• Data residency in Switzerland• Compelling moment to re-visit
datacenter transformation and cloud strategy
55
Trusted Cloud Principles
Information Security Assurance (SAFE)
CONTRACTING
INDEPENDENTLY VERIFIED
DESCRIPTIVE INFORMATION
Microsoft Online Services Terms (OST), …
ISO27001, 27002, 27018, Audit Report, …
Microsoft Trustcenter whitepapers, …
MICROSOFT AS DATA PROCESSOR
INTEGRATED CONTROLS
CUSTOMER AS DATA CONTROLLER
RISKS
SECURITY
PRIVACY
QUALITY OF SERVICE
GOVERNANCE
RISK MANAGEMENT
COMPLIANCE
CUSTOM(ER) CONTROLS
Control Framework
1:1 examination via ad-hoc request *
Access to information Ability to influence
Audit webcasts and full Audit
Reports
Compliance Program Roadmap
Summary of penetration
testing reports
Access to Microsoft
subject matter experts and
external auditor
Info about security
incidents and risks-threat evaluations
Examine control framework and other service
details
Feedback on potential
changes to certifications
Opportunity to recommend additions to audit scope
Suggestions for additional
controls for future audits
Compliance Group Input on
issues
Microsoft Financial Services Offering
Microsoft Employee Access Management
Grants least privilegerequired to complete task
Multi-factor authentication required for all administration
Access requests areaudited, logged, andreviewed
No standing access to the customer data
Pre-screened Admin
requests access
Leadership grantstemporary privilege
Just-in-Time &
Role-Based Access
Office 365
BLOBS TABLES QUEUES DRIVES Microsoft Corporate Network
15
Management Activity API
Data Center Security Cmdlet Schema Parameters Type Mandatory? Description StartTime Edm.Date Yes The start time of the cmdlet execution. EffectiveOrganization Edm.String Yes The name of the tenant that the elevatio
was targeted at. ElevationTime Edm.Date Yes The start time of the elevation. ElevationApprover Edm.String Yes The name of a Microsoft manager. ElevationApprovedTime Edm.Date No The timestamp for when the elevation w
approved. ElevationRequestId Edm.Guid Yes A unique identifier for the elevation requ ElevationRole Edm.String No The role the elevation was requested fo ElevationDuration Edm.Int32 Yes The duration for which the elevation wa GenericInfo Edm String No Used for comments and other generic
f