- Microsoft has renewed our Azure Service Organization Controls (SOC) 1 and 2 Reports, expanding service coverage to include 14 new services in SOC, and achieved a SOC 3. New Azure in-scope services include: Scheduler, API Management, Azure Redis Cache, ExpressRoute, Automation, Load Balancer, HDInsight, Premium Storage, SQL Database, Event Hubs, Sync Fabric (Microsoft Azure Active Directory [Azure AD]), Password Single Sign-on (Azure AD), Self-Service Group Management (Azure AD), and Operational Insights.
- Microsoft renewed our Azure Payment Card Industry (PCI) certification, updating PCI Data Security Standard (DSS) 3.0 to PCI DSS 3.1 and expanding service coverage. Services added with this certification include HDInsight, Key Vault, Azure Resource Manager, and Azure Redis Cache.
- Microsoft has achieved Japan Cloud Security Gold Mark (CS Gold Mark) accreditation by Japan Information Security Audit Association (JASA). The scope includes all layers (IaaS, PaaS, and SaaS) with Azure and Office 365 and all regions operated by Microsoft that have achieved SOC 2 Type 2. CS Gold Mark is a standard based on ISO/IEC 27017.
For more information, please visit the Compliance, SOC 1, 2, and 3 Reports, Payment Card Industry (PCI) Data Security Standard (DSS) Level 1, and Cloud Security Mark (Gold) pages.
Learn more about how Microsoft Azure secures your data and protects your privacy at the Microsoft Azure Trust Center.