Microsoft is aiming to make trust a key part of its pitch to organisations looking to make use of cloud services as part of an IT strategy. The firm seeks to reassure customers, especially large enterprises and those in industries such as finance, that Microsoft's cloud is the safest option for storing data and running applications.
Microsoft's cloud services comprise a number of offerings, including the Office 365 productivity suite and Azure public cloud platform that provides infrastructure-as-a-service resources such as virtual servers and platform-as-a-service resources for developers building their own cloud-based applications.
However, Microsoft is not the only public cloud provider in the market, and is far from being the largest. Estimates from analyst Gartner suggest that Amazon Web Services (AWS) is by far the largest, having 10 times the capacity of the next 14 cloud providers combined. This, along with the ever expanding range of functions that AWS operates to make it easier to build an application, has made it the default choice for many web-based startups.
But Microsoft has advantages of its own, in that the vast majority of enterprise customers already use Windows servers and Microsoft management tools, which in theory should make it easier to migrate workloads to Azure than any other cloud platform.
The company also seems to have identified trust as a key factor in winning over hearts and minds, and some of its recent announcements can be seen in this light, such as the firm's first UK-based data centre coming later this year that will enable businesses in London and especially the financial district to ensure that data stays within UK jurisdiction.
"We have to make sure that we give customers choice, such as where their data resides, and the performance that they need," said Doug Hauger, Microsoft's general manager for national cloud programmes.
"But we also have to make sure that we are their trusted cloud provider, so we're very clear about the things that we do around security, around privacy and control, and on compliance, where we are an industry leader."
In fact, security, privacy/control, compliance and transparency are the four pillars of what Microsoft calls its Trusted Cloud initiative, which lays out the firm's whole strategy for gaining the trust of customers that their data and applications are safe in Microsoft's cloud.
On security, Hauger pointed to Azure Key Vault, which allows customers to securely store and manage their own cryptographic keys to protect their data, while features such as Customer Lockbox for Office 365 enable firms to control some of the administrative processes governing their account.
Meanwhile, Microsoft is keen to point out its growing list of certifications for data security and management compliance, such as the ISO 27018 code of practice for protection of personally identifiable information, SOC 1 or SOC 2, or the Payment Card Industry standards, plus its willingness to comply with local requirements such as those specified for the UK government's G-Cloud initiative.
But transparency is the most important part of the Trusted Cloud, according to Hauger.
"We can do all of those things, but customers are very clear that we have to be transparent about what we are doing, and that is why we have third parties audit what we do against a set of security controls, and we can make those audits available to customers so they can see the results," he said.
"We know that banks and other financial services companies are accountable to their regulators for the services they use, so we have a programme where we can give banks the ability to let the regulators inspect our audits as well."
And with cloud services beginning to mature and become mainstream, the attitude towards using them has shifted over the past few years. Even industry sectors that were previously wary of getting involved with the cloud are now starting to see it as a valuable part of an overall IT strategy, according to Microsoft.
"We've seen a very significant change in the conversations we're having with customers over the last couple of years. Now, we're not only seeing broad enterprise adoption of our cloud services, but we're seeing adoption even in regulated industries such as financial services, where we have customers for Office 365 and Azure," Hauger said.
Microsoft has long maintained that customer data is probably safer in its data centre than the customer's own premises, because of the higher security standards, physical and digital, that the firm has to adhere to as a service provider.
"But now we can prove through this transparent approach that this is actually the case, and we're seeing customers come on board with significant usage and workloads on the platform," he said.
Furthermore, Microsoft customers that have shifted resources to the public cloud are now seeing investment freed up so that they can focus on core business requirements and innovation, Hauger claimed, which proponents have long touted as potential benefits of cloud adoption.
Even if customers do not want to move some workloads to the public cloud, Microsoft offers cloud-like automation capabilities for on-premise infrastructure through the Cloud Platform System or Azure Pack, ensuing that customers can seamlessly move workloads between their data centre and Azure, if required.
"Once customers start using public clouds and they understand and see the transparency around security we're doing, they soon realise there are many more workloads they can move to a public cloud. But we offer the choice to be along that continuum, as we know there are some workloads that they will want to keep in their own data centre," Hauger said.
A new RSA report urges coders to sign a 'Hippocratic Oath' before embarking on AI programmes.
IT security vendor believes APT33 is working for the Iranian government
Darktrace pushes machine learning to take some of the pressure off of IT and security teams
Google also gets its hands on HTC's IP in a non-exclusive deal