Microsoft Data Centers Blog

Compliance is a popular and often debated cloud services topic. I see this firsthand in my role as a senior director in Microsoft’s Global Foundation Services (GFS) Online Services Security and Compliance organization. GFS manages Microsoft’s cloud infrastructure. The Online Services Security and Compliance team provides infrastructure security, compliance and reliability capabilities to Microsoft’s 200+ cloud and online services. Read More >>

Microsoft is committed to giving customers the information they need to have confidence in us as a cloud provider. Today, we continue to share our best practices and key learnings to be as open and transparent as possible, and contribute to industry and community efforts to increase trust in the cloud. While there is complexity in the cloud and in some of the security techniques necessary to protect cloud services, explanations should be clear. Read More >>

Microsoft’s Global Foundation Services (GFS) organization delivers the global infrastructure and network for over 200 consumer and enterprise cloud services. The security, privacy and reliability expectations of the customers served by these services must be met in order to develop the level of trust necessary to support a global shift to online and cloud computing. Each of Microsoft’s online and cloud services focus on its respective customer requirements and GFS must meet the obligations that come from all of the more than 200 services because they all reside in the GFS infrastructure. While many of the capabilities must be provided at the service layer, all services have at least some level of dependency on the cloud infrastructure built, managed, and secured by GFS. Read More >>

Global Foundation Services (GFS), which builds and operates Microsoft’s cloud infrastructure, has become one of the first in the industry to complete SOC 2 Type II and SOC 3 audits. The SOC 2 is a new attestation report for service organizations that contains rigorous standards for security, availability, processing integrity, confidentiality, and privacy. Guided by the American Institute of Certified Public Accountants (AICPA) Trust Services Principles, SOC 2 reports are intended to establish trust and confidence with external customers regarding an organization’s service delivery processes and controls. Read More >>