Cloud adoption is increasing at a rapid rate, introducing unique and complex security considerations for users. Security is no longer solely under the control of an organization. It’s an inherent partnership between the organization and the cloud service provider. And organization may not have complete visibility into all aspects or their security. So they need to understand how adopting a cloud-computing model will affect their risk profile related to data security, privacy, and availability. And if they don’t get it right, organizations can compromise the benefits of going to the cloud. Choosing a strong cloud service provider is the first step.
With its Azure offering, Microsoft has built a solid foundation that addresses security with comprehensive administrative, physical, and logical controls—from strict policies for physical access to its data centers, to well thought-out configuration change management procedures. However, a secure foundation is just the start and to build an end-to-end secure computing environment, organizations must still take an active role in protecting systems, applications and data to fulfill their part of a shared security model.
This paper will discuss what part of the shared responsibility equation customers are responsible for and what some of the recommended security practices are that can help create a secure cloud-computing environment.