This primer on Microsoft Azure offers insights into its industry-leading approach to security and compliance in the cloud. Learn more about Azure security capabilities; what Microsoft does to safeguard Azure and what capabilities Microsoft and Law Office Clouds provide for your firm to use Azure in accordance with your own security and compliance standards.
Azure networking provides the infrastructure necessary to securely connect VMs to one another and to connect on-site datacenters with Azure VMs. Azure blocks unauthorized traffic to and within Microsoft datacenters, using a variety of technologies such as firewalls, partitioned local area networks (LANs), and the physical separation of back-end servers from public-facing interfaces.
Azure Virtual Network extends your on-premises network to the cloud through site-to-site VPN, much the way you’d set up and connect to a remote branch office. You control the network topology, including configuration of DNS and IP address ranges, and manage it just like your on-site infrastructure. Azure Virtual Network enables you to assign multiple deployments within a subscription to a virtual network and allow those deployments to communicate with each other using private IP addresses. Each virtual network is isolated from other virtual networks.
To protect against online threats, Azure offers Microsoft Antimalware for cloud services and virtual machines, and uses detection and mitigation techniques to protect against DDoS attacks. Customers can also run antimalware solutions from partners on their VMs.
Monitoring, logging, and reporting
To help you manage the large amount of information generated by devices within the Azure environment, Azure offers centralized monitoring and analysis systems that provide continuous visibility and timely alerts to the teams who manage the service.
In addition to the robust security capabilities built into Azure, the Azure Marketplace offers a rich array of additional security products built by our partners for Azure.
Microsoft conducts regular penetration testing to improve Azure security controls and processes. However, we understand that security assessment is also an important part of our customers’ application development and deployment. So, we have established a policy for you to carry out authorized penetration testing on your applications hosted in Azure. Because such testing can be indistinguishable from a real attack, it is critical that customers conduct penetration testing only after getting advance approval from Azure Customer Support. You must conduct penetration testing in accordance with our terms and conditions, and requests should be submitted with a minimum of seven-day advance notice.