Security

The pace of digital transformation has accelerated significantly during COVID-19 pandemic, alongside the adoption of cloud services. Bad actors, now more than ever, continuously look for ways to take applications offline. Azure DDoS Protection Standard provides enhanced DDoS mitigation features to defend against DDoS attacks.

As customers continue to adopt a Zero Trust security approach in their digital transformation, they often prefer a way to manage their network security policies and resources in one central place. Today, we are announcing that Azure Firewall Manager now supports managing Azure DDoS Protection Standard for virtual networks. This support is now in preview.

Security is based on the inherent need for safety. Today, we see that need challenged more than ever. In the past year alone, we’ve witnessed an exponential increase in ransomware, supply chain attacks, phishing, and identity theft. These activities fundamentally threaten our human desire for security in situations such as ransomware attacks on hospitals or supply chain attacks on industrial environments.

Today we’re announcing the general availability of Azure Government Top Secret, a significant milestone in our commitment to bringing unmatched commercial innovation to our government customers across all data classifications. This announcement, together with new services and functionality in Azure Government Secret, provides further evidence of Microsoft’s relentless commitment to the mission of national security, enabling customers and partners to realize the vision of a multi-cloud strategy and achieve greater agility, interoperability, cost savings, and speed to innovation.

In our 2020 distributed denial-of-service (DDoS) retrospective, we highlighted shifts in the very active cyberthreat landscape. With the huge surge in internet activity, particularly with the onset of the COVID-19 pandemic, DDoS attacks have ramped up significantly in both volume and complexity.

Security is at the forefront of user and administrator connectivity to cloud services. As enterprises continue to move mission-critical applications to the Cloud, the need for secure, scalable, and reliable remote public connectivity and jumpbox services increases.

We created the Azure Well-Architected Framework to help improve the quality of your workloads, and reliability is one of its five core pillars so for the latest post in our series, I have asked Cloud Advocate David Blank-Edelman to run through how best to approach using the framework to guide your conversations and design decisions in this space.

Recent incidents from ransomware to supply chain compromises have shown both the interconnectedness of our digital world and the critical need to secure these digital assets from attackers, criminals, and other hostile third parties. To achieve this, our customers need Zero Trust security and least privilege access for users and resources.

All service engineering teams in Azure are already familiar with postmortems as a tool for better understanding what went wrong, how it went wrong, and the customer impact of the related outage. For today’s post in our Advancing Reliability blog series, we share insights into our journey as we work towards advancing our postmortem and resiliency threat modeling processes.

Azure has achieved adherence to the EU Cloud Code of Conduct (EU Cloud CoC), the only General Data Protection Regulation (GDPR) code of conduct approved by the European Data Protection Board (EDPB). The EU Cloud CoC also marks the 100th compliance offering for Azure, more than any other cloud provider, providing customers a high level of assurance through controls, evidence, and verification.