Cloud based access control explained: Part 3
What is cloud based access control and why should you trust your security to it? In this series, we take a deep dive into Azure cybersecurity frameworks and how Microsoft ensures their cloud solution is secure.
This is the final part of this series, and if you’re just joining us, I encourage you to start from the beginning to learn about the basics of the cloud, as well as the policies and methods used to keep the Azure hardware and software secure.
Secure network infrastructure: Testing and monitoring
Now that we’ve looked at how the software and data in Azure are secured, we’ll be looking at how they ensure it stays secure with continuous monitoring and testing.
Microsoft invests over a billion dollars annually in their cybersecurity frameworks and teams, with over 3500 dedicated cybersecurity experts working 24/7, 365 days a year. Part of these 3500 experts are 200 professionals who continuously run through penetration exercises to identify potential vulnerabilities in the Azure system.
The amount of cybersecurity experts employed by Microsoft
24 hours a day, 7 days a week, 365 days a year, Microsoft's security experts are protecting Azure.
The amount of experts continuously running penetration exercises to identify potential vulnerabilities in Azure
Testing the code is a foundational part of adding components to Azure and every software component of an Azure build must be tested using an Endpoint Protection anti-virus tool.
Every virus scan creates a log, detailing what was scanned and the results. Code is only moved to production when it gives a clean virus scan – if any issues or bugs are found, the build is frozen and moved to the cybersecurity experts to identify where the bad code was entered.
These tests stop the risks from malicious code and malware before they can even enter the system.
Still not fully convinced? Well, let’s consider Microsoft’s experience in cloud and cyber security.
Microsoft has decades of experience in ensuring their systems are secure and in investing at scale in infrastructure, hardware, and experts. The Xbox gaming console remains a top ranked system, while the Microsoft 365 suite – including Teams, OneDrive, Word, Excel and many more – has nearly half a billion active users.
These are either cloud-based applications, like Teams and OneDrive, or have cloud saving capabilities to allow you to access them anywhere, such as Xbox or Word. Securing cloud applications is not only something Microsoft has decades of experience in, it’s an integral part of their business.
All of these policies and frameworks – from how Microsoft protects their data centers and the way your data is encrypted when in those centers or travelling between, to the intentional continuous investment in monitoring and testing that Microsoft undergoes – are designed to keep Protege X and therefore, your data, safe and secure.
As you gain a deeper understanding of the cloud and its security, we hope that you’re starting to feel more comfortable with it and trusting your security and access control to cloud based systems. New technology can be hard to trust, but the cloud means you can truly access your things – like tv shows, word documents, or even Protege controller information – from anywhere, at any time.
- The cloud is a global network of servers that allow you to access the internet
- Microsoft has an entire division dedicated to designing, building, and operating the Azure data centers
- Your data has built in disaster recovery in case of outages or failures as it’s stored in at least two geographically dispersed data centers
- Protege X, ICT’s cloud system, is built using best practices like multi-factor authentication to verify who is accessing systems
- All data is encrypted both in transit and at rest, mitigating any attacks by malicious actors
- All data at rest is segregated using network virtualization, ensuring any breaches or incidents in other networks, don’t impact the rest of the server
- Microsoft invests over a billion dollars annually into cybersecurity, employing over 3500 experts who work on Microsoft cybersecurity 24/7 and continuously run penetration exercises to identify potential risks
- Every piece of code must go through rigorous testing to ensure it's clean before it can be entered into Azure
- Microsoft has decades of experience in ensuring systems like Xbox and their Microsoft 365 suite are safe and secure
In this series, we have taken a deep dive into cloud based access control, how Azure secures their hardware and software using best practices in the industry, as well as how Azure and ICT ensure the system is continuously monitored and tested. All of these frameworks and policies help to support and protect Protege X, our future-proof, scalable cloud-based solution.