Microsoft Azure Security and Compliance Overview

Play Microsoft Azure Security and Compliance Overview
Sign in to queue

Description

This primer on Microsoft Azure offers insights into its industry-leading approach to security and compliance in the cloud. Learn more about Azure security capabilities; what we do to safeguard Azure and what capabilities we provide for you to use Azure in accordance with your own security and compliance standards.

Day:

2

Session Type:

Breakout

Code:

DCIM-B221

Room:

Room 310A

Embed

Download

The Discussion

  • User profile image
    carlospined​ag

    Can Azure administrators login into a user Virtual Machine?

    I use a certificate for Linux VM authentication. Public key was sent to Azure and private key was saved into the user local machine.

    I use User/Password (which are defined when VM was created) for Windows VM authentication.

  • User profile image
    carlospined​ag

    I found the following documents at www.windowsazure.com/trustcenter under Resources:

    Document: Microsoft Azure Privacy Statement:

    ..."Customer Data is all the data, including all text, sound, software or image files that you provide, or are provided on your behalf, to us through your use of the Services."...

    Document: Security, Privacy, and Compliance in Windows Azure:

    ..."Access to Customer Data by Microsoft personnel is restricted. Customer Data is only accessed when necessary to support the customer's use of Windows Azure."...

    Document: Azure Security: Technical Insights:

    ..."Microsoft operations personnel follow a formal process when they are required to access a customer's subscription or related information, and this is only done at the customer's request or in response to security incidents where there is evidence of misbehavior on the part of the customer's software."

    However, I have a question:

    Is there a document where explicit is said that Microsoft personnel can or cannot log into a user Virtual Machine?

    For example, in the case of AWS one can find the following document:
     
    "Amazon Web Services: Overview of Security Processes" (Nov 2013), In this document one can read:
     ,,,"Guest Operating System: Virtual instances are completely controlled by you, the customer. You have full root access or administrative control over accounts, services, and applications. AWS does not have any access rights to your instances or the guest OS."
     

Add Your 2 Cents