Cloud Security

Hi all – Doug Leland here, general manager of the Identity and Security Business Group. Today at the Microsoft Management Summit vice president Bob Kelly spoke about cloud computing. He outlined Microsoft’s investments and provided guidance to help customers understand their options as they incorporate the cloud into their future plans, whether it is through “private clouds,” “public clouds,” or a combination. You can read an article about this and view the keynote or a related webcast on-demand.

I wanted to provide some additional information about our efforts to help customers maintain security with cloud infrastructure.

As part of our Business Ready Security strategy, we are taking a comprehensive approach to security across on-site and cloud infrastructure. This encompasses protection, access and management, all built around user identity and integrated with a highly secure, interoperable platform for a broad set of partner solutions.

Identity is a core part of our strategy, because it allows for more contextual protection and access to information and resources. With our Forefront platform, on-premise identities, such as those in Active Directory, work with cloud services. That enables simplified, secure user access to applications, such as Exchange, regardless of where the application is hosted.

Forefront's identity provisioning/de-provisioning and access management empower customers to integrate their investments in Active Directory and existing identities with cloud infrastructure. And, with solutions like Rights Management Services, in the future customers will be able to enforce persistent, identity-based policies around data anywhere it is stored, sent, or accessed - including the cloud.

We are delivering both standalone security services and security technologies within Microsoft’s cloud infrastructure. Forefront Online Security for Exchange is an example of a standalone service solution, providing email security for both on premise Exchange Server and Exchange Online (and other on-premise messaging systems.) Another example is System Center Online Desktop Manager, introduced today and available in beta by the end of the year. It is an integrated security and management tool that will provide desktop management capabilities in the form of an online service.

We are also providing fundamental identity components for Microsoft cloud services, such as the Azure Services Platform. The Microsoft Services Connector, for example, extends identities from on premises systems to cloud services. The .Net Access Control Service issues and manages identity “claims.” Both are based on “Geneva,” an open platform for simplified user access that works across organization boundaries for on-premise and cloud-based applications. Beta 2 of “Geneva” will be available soon.

I hope this information is helpful. Let us know if you have questions or comments.

Doug