security in windows azure
DESCRIPTION
This session will explain at various levels how security is quaranteed. What are the responsibilities of the Cloud Provider (in this case Microsoft) and what responsibilities remain with the customers themselves? How are we save from evesdropping for sensitive information and portscanners? How compliant are the Microsoft Windows Azure datacenters? What does the Patriot Act mean, what is Safe Harbour and how does this impact the privacy of your data?TRANSCRIPT
1
Security in Windows Azure
Patriek van Dorp Senior Technology Specialist Microsoft
Windows Azure MVP
Microsoft v-DPE and v-TSP for Windows Azure
Sogeti Netherlands
We’re all excited about the Cloud…
We all want to catch this wave…
…but we don’t want to be…
…in over our heads
…because things can go wrong…
…terribly wrong
Cloud Computing seems terrifying
That’s why we start by...
…testing the water temperature…
…to see if it’s right for us
Fabric
Cluster
Windows Azure Hypervisor
CN
…
Windows Azure Hypervisor
…
MyCloudApp.cspkg
VLAN
http://blogs.msdn.com/b/buckwoody/archive/2012/03/27/sql-azure-and-trust-services.aspx
Integrity
E:\ C:\ D:\
∆ ∆
Availability
Secure Coding
Secure Design
Svchost.exe
The Gatekeeper Pattern
Read Update Update Read
Improving Security
ISO/IEC 27001:2005
SAS 70 Type I and II
SOX
PCI DSS
FISMA
…
Patriot Act
Safe Harbour
How does it feel?
Now we’re ready to gracefully dive in