Security is more than a feature, it’s a commitment
Identity and access
Govern user access to Microsoft applications and other pre-integrated cloud apps through capabilities such as multi-factor authentication and access monitoring.
Encryption
Your data is encrypted at rest and in transit with advanced protocols and best-in-class cryptography. Further encrypt your stored data with built-in tools.
Flexibility and choice to control how your data is managed
Click to adjust the balance of private and public cloud to see how it affects your hybrid options.
More private hybrid approach:
- Increased resilience and load-balancing capabilities in your datacenter
- Improved application performance
- Simplified deployment with Microsoft System Center
- Trimmed IT costs compared to on-premises environments
- Increased agility
Equally hybrid approach:
- Extend your datacenter with a consistent management toolset
- Familiar development and identity solutions
- Meet changing business needs with greater flexibility
- Deliver capacity on demand
More public hybrid approach:
- Integrated tools and pre-built templates
- Managed services
- Worry-free server maintenance
- Easily integrates with your existing IT environment
- Scale as needed
- Pay as you go
Anatomy of a breach
How do people infiltrate enterprise network defenses? Are you aware of the potential threats to your company? Do you have the right plan in place to resist, mitigate, and recover from a breach? Knowing the stages of a breach can help prepare you to protect yourself and your company.
Stage one: The initial foothold
A spam email or a vulnerability can open the door for malicious hackers to gain a foothold in your organization.
Stage two: Local escalation
Once they’re in, they’ll look for a higher level of access or administrator rights to escalate and widen their influence.
Stage three: Network escalation
They gain access to high value credentials. Now, they reuse those across the environment to access to what they’re looking for.
Stage four: Persistence
They settle in for the long haul, commonly installing a permanent backdoor for long-term, repeat access to your systems.
Stage one: The initial foothold
A spam email or a vulnerability can open the door for malicious hackers to gain a foothold in your organization.
Stage two: Local escalation
Once they’re in, they’ll look for a higher level of access or administrator rights to escalate and widen their influence.
Stage three: Network escalation
They gain access to high value credentials. Now, they reuse those across the environment to access to what they’re looking for.
Stage four: Persistence
They settle in for the long haul, commonly installing a permanent backdoor for long-term, repeat access to your systems.
Protect, detect, and respond
Microsoft uses a multi-layered approach to address threats to our customers and the technology ecosystem.
Fighting cybercrime
The Microsoft Digital Crimes Unit seeks to provide a safer digital experience for every person and organization on the planet by protecting vulnerable populations, fighting malware, and reducing digital risk.
Protecting your enterprise
The Microsoft Enterprise Cybersecurity Group is a team of world-class architects, consultants, and engineers that empowers organizations to move to the cloud more securely, modernize their IT platforms, and avoid and mitigate breaches.
Defending against cyberthreats
The Cyber Defense Operations Center is a state-of-the-art facility that brings together security response experts from across the company to help protect, detect, and respond to cyberthreats in real-time—all day, every day.
Fighting cybercrime
The Microsoft Digital Crimes Unit seeks to provide a safer digital experience for every person and organization on the planet by protecting vulnerable populations, fighting malware, and reducing digital risk.
Protecting your enterprise
The Microsoft Enterprise Cybersecurity Group is a team of world-class architects, consultants, and engineers that empowers organizations to move to the cloud more securely, modernize their IT platforms, and avoid and mitigate breaches.
Defending against cyberthreats
The Cyber Defense Operations Center is a state-of-the-art facility that brings together security response experts from across the company to help protect, detect, and respond to cyberthreats in real-time—all day, every day.
Protection you can rely on
Physical Security
Every datacenter is constructed, managed, and monitored to protect data from unauthorized access.
Platform Security
Your data is protected by hardened operating systems and backed by a defense-in-depth strategy that helps protect the cloud.
Network Security
We provide secure communications between your infrastructure and the Microsoft Cloud and we block unauthorized traffic.
Protection you can rely on
Physical Security
Every datacenter is constructed, managed, and monitored to protect data from unauthorized access.
Platform Security
Your data is protected by hardened operating systems and backed by a defense-in-depth strategy that helps protect the cloud.
Network Security
We provide secure communications between your infrastructure and the Microsoft Cloud and we block unauthorized traffic.
Commitment to privacy that starts with you
Click the different layers of privacy to see how we do it.
Your data
Keeping your data yours, and giving you control, is at the core of what we do.
Enforced privacy contracts
Your privacy is protected in contractual terms. We are unique among cloud providers in having contractual commitments that provide strong privacy protection.
Keeping your data private
We never use the data you store for advertising, marketing, or any other purposes. In addition, your data is protected at all times from government surveillance.
International privacy standards
You can be confident our enterprise cloud services meet the strictest data protection requirements. Microsoft was the first major cloud provider to meet both the rigorous EU privacy requirements for international transfer of customer data, and the world’s first international standard for cloud privacy (ISO 27018).
Trust is a result of transparency
Microsoft Transparency Hub
Here, we bring together our transparency reports including the Law Enforcement Requests Report and U.S. National Security Orders Report.
Learn moreGovernment Security Program
We provide participating governments with the appropriate level of transparency to help ensure that Microsoft products have no hidden back doors.
Learn moreMicrosoft Trust Center
We will keep you informed about where your data is stored in addition to the processes, practices, and policies that we use to protect your data.
Learn moreWe will keep you informed about where your data is stored in addition to the processes, practices, and policies that we use to protect your data.
Download StorSimple Shoring up Infrastructures White Paper PDF and Read about Microsoft Trust Center
One of the largest compliance standards and certifications portfolio in the industry
We have over 30 years of experience working with enterprises to build on-premises workplace environments that comply with a variety of standards and regulations. The Microsoft Cloud is built on that experience and we lead the industry in working with customers, regulatory bodies, and standards boards to advance compliance to meet customer needs.
See the list of compliance standards we meet around the worldReview questions to ask your cloud provider about compliance
