Rawpixel - Fotolia

Microsoft steps up efforts to clarify cloud security and privacy policy

Microsoft debuts merged security information hub to make it easier for cloud users to find out more about the privacy and security policies of its hosted products

Microsoft has embarked on a renewed push to build enterprise trust in its cloud platforms by making it simpler for users to access information on its data privacy and security protocols.

The company created a single information hub – or “Trust Center” – to provide enterprises with information about Microsoft’s cloud security posture, and how its off-premise services adhere to international and regional legislation.

Previously, the company operated separate hubs containing this information for each one of its cloud services – including Microsoft Azure, Dynamics CRM Online, Intune and Office 365 – but has now merged them to make life easier for its enterprise customers.

“Our customers deploy multiple Microsoft cloud services, and many expressed a desire for a single point of reference for cloud trust resources,” wrote Doug Hauger, general manager for national cloud programmes at Microsoft, in a blog post.

“They have come to rely on the Trust Centers to document the adherence of our cloud services to international and regional standards, describe privacy and data protection policies and processes, and inform them about data transfer and location policies, as well as security features and functionality.”

While security remains a top concern for users about using cloud, the likes of Google, Microsoft and Amazon Web Services have made a concerted effort to convince enterprises their data is safer in the cloud than it is on-premise.

They claim to have bigger security budgets and access to more sophisticated technologies than the average enterprise.

But given the recent fallout from the abolishment of the US Safe Harbour data transfer agreement – and how this may dictate who can access data stored in the cloud – there remains a degree of wariness in organisations about moving on-premise.

Building trust from the centre

The information in the Trust Center is categorised under four headings: security, privacy and control, compliance and transparency. Under each of these are a variety of resources to help Microsoft users understand how the firm secures and stores their data in the cloud.

“The Microsoft Trust Center gives everyone a single view into the commitments that we put a the heart of our trusted cloud: security of operations, data protection and privacy, compliance with local requirements, and transparency in how we do business,” Hauger said.

“Now, customers can view a single page documenting which of our services comply with such standards as ISO 27018 or HIPAA, or our data location policies across services.”

Read more about cloud security

  • Google has hit out at users that continue to cite security as a major barrier to public cloud adoption, claiming their data will be safer there than on-premise.
  • A working group has been established to oversee the creation of cloud security-focused open application programming interfaces (APIs) to make it easier for users to integrate data protection tools across multiple clouds.

Read more on Cloud storage