ID and Security in the Cloud

Many companies and IT leaders are eager to realize the benefits of cloud computing, but security is often a concern. For example, a recent study by Maritz Research found that 59% of IT leaders in the US rated security as the biggest risk with cloud.

As part of our Business Ready Security strategy , we are taking a comprehensive approach to security across on-site and cloud infrastructure. This encompasses protection, access and management, all built around user identity and integrated with a highly secure, interoperable platform for a broad set of partner solutions. (At the Worldwide Partner Conference on 7/13, we also announced the official names of the products comprising the Forefront Protection Suite, previously known as codename “Stirling”, in an effort to align our portfolio with this broader definition of security.)

We are delivering both standalone security services and security technologies within Microsoft’s cloud infrastructure. Forefront Online Protection for Exchange is an example of a standalone service solution, providing email security for both on premise Exchange Server and Exchange Online (and other on-premise messaging systems.) Another example is System Center Online Desktop Manager, available in beta by the end of the year. It is an integrated security and management tool that will provide desktop management capabilities in the form of an online service.

Identity is a core part of our strategy, because it allows for more contextual protection and access to information and resources. With our Forefront platform, on-premise identities, such as those in Active Directory, work with cloud services. That enables simplified, secure user access to applications, such as Exchange, regardless of where the application is hosted.

Forefront's identity provisioning/de-provisioning and access management empower customers to integrate their investments in Active Directory and existing identities with cloud infrastructure. And, with solutions like Rights Management Services, in the future customers will be able to enforce persistent, identity-based policies around data anywhere it is stored, sent, or accessed - including the cloud.

We are also providing fundamental identity components for Microsoft cloud services, such as the Azure Services Platform. The Microsoft Services Connector, for example, extends identities from on premises systems to cloud services. The .Net Access Control Service issues and manages identity “claims.” Both are based on the next generation of Active Directory Federation Services, Windows Cardspace, and Windows Identity Foundation which comprise an open platform for simplified user access that works across organization boundaries for on-premise and cloud-based applications.   Beta 2 of all three components is currently available.