Microsoft Azure Security and Compliance Overview

The Discussion

• 

  Can Azure administrators login into a user Virtual Machine?

  I use a certificate for Linux VM authentication. Public key was sent to Azure and private key was saved into the user local machine.

  I use User/Password (which are defined when VM was created) for Windows VM authentication.

• 

  I found the following documents at www.windowsazure.com/trustcenter under Resources:

  Document: Microsoft Azure Privacy Statement:

  ..."Customer Data is all the data, including all text, sound, software or image files that you provide, or are provided on your behalf, to us through your use of the Services."...

  Document: Security, Privacy, and Compliance in Windows Azure:

  ..."Access to Customer Data by Microsoft personnel is restricted. Customer Data is only accessed when necessary to support the customer's use of Windows Azure."...

  Document: Azure Security: Technical Insights:

  ..."Microsoft operations personnel follow a formal process when they are required to access a customer's subscription or related information, and this is only done at the customer's request or in response to security incidents where there is evidence of misbehavior on the part of the customer's software."

  However, I have a question:

  Is there a document where explicit is said that Microsoft personnel can or cannot log into a user Virtual Machine?

  For example, in the case of AWS one can find the following document:

   

  "Amazon Web Services: Overview of Security Processes" (Nov 2013), In this document one can read:

   ,,,"Guest Operating System: Virtual instances are completely controlled by you, the customer. You have full root access or administrative control over accounts, services, and applications. AWS does not have any access rights to your instances or the guest OS."