The infrastructure, data, and apps built and run in the cloud are the foundational building blocks for a modern business. No matter where you are in your cloud journey, you likely utilize every layer of the cloud—from infrastructure as a service (IaaS) to platform as a service (PaaS) to software as a service (SaaS). You also may take advantage of services from several cloud and app providers. Many organizations operate a cross-cloud environment, but it can complicate security. A fragmented view of your cloud environment limits opportunities to holistically improve your security posture. It can also lead to missed threats and SecOps burnout.
I found this document for Enterprise Architects. It talks about what IT architects need to know about security and trust in Microsoft cloud services and platforms:
Download the document from here – MSFT_cloud_architecture_security
- It talks about Microsoft Cloud Principles: Security, Privacy & Control, Compliance, Transparency.
- The responsibilities and controls for the security of applications and networks by service type: SaaS, PaaS, IaaS, and Private Cloud.
- Keys to success: Governance & Security Policy, Administrative Privilege Management, Identity Systems and Management, Threat Awareness, and Data Protection.
- The top security certifications Microsoft cloud:
Microsoft is committed to the privacy and security of your data and applications in the cloud. Through industry-leading security practices and unmatched experience running some of the largest online services around the globe, Microsoft delivers enterprise cloud services customers can trust.
This document is vital, so I highly recommend to go through once and let me know if you have any questions or need access to related materials.
Kiran NR Cyber-security blog 