Microsoft Data Centers Blog

Compliance is a popular and often debated cloud services topic. I see this firsthand in my role as a senior director in Microsoft’s Global Foundation Services (GFS) Online Services Security and Compliance organization. GFS manages Microsoft’s cloud infrastructure. The Online Services Security and Compliance team provides infrastructure security, compliance and reliability capabilities to Microsoft’s 200+ cloud and online services. Read More >>

Microsoft has delivered online services since 1994 with the launch of MSN. Today, our engineering and operations teams build, manage and secure a$15 billion cloud-scale infrastructure that powers over 200 services for consumers and businesses 24x7x365 via globally distributed data centers, networks, and security mechanisms, software applications and tools. Our cloud supports more than 1 billion customers and 20 million businesses in 76 markets. With an annual investment of $9.5 billion in research and development, we are enabled to continue to accelerate the innovations in our operational processes to maximize reliability, performance, and efficiency as our capacity grows. Read More >>

Microsoft is committed to giving customers the information they need to have confidence in us as a cloud provider. Today, we continue to share our best practices and key learnings to be as open and transparent as possible, and contribute to industry and community efforts to increase trust in the cloud. While there is complexity in the cloud and in some of the security techniques necessary to protect cloud services, explanations should be clear. Read More >>

Attacks on Country-Code Top Level Domains (ccTLDs) have far-reaching effects on private individuals, large and small companies, non-profits, and government organizations. Today, I wrote on the Microsoft Security blog about a new Microsoft Country-Code Top-Level Domain (ccTLD) Registry Security Assessment Service that we are now offering to address this challenge. Read More >>

Global Foundation Services (GFS), which builds and operates Microsoft’s cloud infrastructure, has become one of the first in the industry to complete SOC 2 Type II and SOC 3 audits. The SOC 2 is a new attestation report for service organizations that contains rigorous standards for security, availability, processing integrity, confidentiality, and privacy. Guided by the American Institute of Certified Public Accountants (AICPA) Trust Services Principles, SOC 2 reports are intended to establish trust and confidence with external customers regarding an organization’s service delivery processes and controls. Read More >>