Skip to content
Microsoft Secure

Questions to ask your cloud provider

When it comes to building trust with cloud services customers, there’s no substitute for transparency. A cloud provider should be able to explain in detail how it will address the security, privacy and compliance needs of its customers.  Read more >>...

Read more

Protecting customer email from government eyes

At Microsoft, we know that customer trust is essential to our business. People will use technology only if they can trust it, and our commitment to protecting customer data is an important element in building and maintaining that trust. The issue of who owns email is at the center of an important hearing in U.S....

Read more

My “Desert Island Half-Dozen” – recommended reading for resilience

When I speak with customers, they often ask how they can successfully change the culture of their IT organization when deciding to implement a resilience engineering practice. Over the past decade I’ve collected a number of books and articles which I have found to be helpful in this regard, and I often recommend these resources...

Read more

Protecting Data and Privacy in the Cloud: Part 2

Microsoft understands that a customer’s willingness to use a particular cloud computing service depends on their ability to trust that the privacy of their information will be protected, and that their data will only be used in a manner consistent with customer expectations. But even the best designed and implemented services can only protect customer...

Read more

Reliability Series #3: Reliability-enhancing techniques (Part 1)

In my previous post, I discussed “DIAL”, an approach we use to categorize common service component interaction failures when applying Resilience Modeling & Analysis, (RMA), to an online service design.  In the next two posts,  I’ll discuss some mitigation strategies and design patterns intended to reduce the likelihood of the types of failures described by...

Read more

Reliability Series #2: Categorizing reliability threats to your service

Online services face ongoing reliability-related threats represented by device failures, latent flaws in software being triggered by environmental change, and mistakes made by human beings. At Microsoft, one of the ways we’re helping to improve the reliability of our services is by investing in resilience modeling and analysis (RMA) as a way for online service...

Read more

Reliability Series #1: Reliability vs. resilience

Whenever I speak to customers and partners about reliability I’m reminded that while objectives and priorities differ between organizations and customers, at the end of the day, everyone wants their service to work. As a customer, you want to be able to do things online, at a time convenient to you. As an organization –...

Read more

RSA Conference USA 2014: New Foundations for Threat Modeling

What if you could deploy a process that would help you develop software products and services with better security, shorter development cycles, and fewer surprises for your customers? Those are some of the benefits of threat modeling, which was the topic of an excellent presentation: New Foundations for Threat Modeling, from Adam Shostack, principal security...

Read more

RSA Conference 2014: Reflections from the Microsoft team

RSA Conference 2014: Reflections from the Microsoft team

One of the best things about the RSA Conference is the incredible exchange of ideas that takes place, and this year was no exception. Microsoft’s security and privacy leaders were busy, not just with their own presentations, but also in discussions with other thought leaders, industry professionals and customers from around the world.  See more...

Read more