Windows Azure Trust Center

Last Updated: March 2013

As a Windows Azure customer, you have entrusted Microsoft to help protect your data. Microsoft values this trust, and the privacy and security of your data is one of our top concerns. Microsoft strives to take a leadership role when it comes to security, privacy, and compliance practices.

Shared Responsibility

Our customers around the world are subject to many different laws and regulations. Legal requirements in one country or industry may be inconsistent with legal requirements applicable elsewhere. As a provider of global cloud services, we must run our services with common operational practices and features across multiple geographies and jurisdictions. To help our customers comply with their own requirements, we build our services with common privacy and security requirements in mind. However, it is ultimately up to our customers to evaluate our offerings against their own requirements, so they can determine if our services satisfy their regulatory needs. We are committed to providing our customers with detailed information about our cloud services to help them make their own regulatory assessments.

It is also important to note that a cloud platform like Windows Azure requires shared responsibility between the customer and Microsoft.  Microsoft is responsible for the platform, and seeks to provide a cloud service that can meet the security, privacy, and compliance needs of our customers.   Customers are responsible for their environment once the service has been provisioned, including their applications, data content, virtual machines, access credentials, and compliance with regulatory requirements applicable to their particular industry and locale.

Updates

The information presented in the Windows Azure Trust Center is current as of the “last updated” date at top but is subject to change without notice. We encourage you to review the Trust Center periodically to be informed of new security, privacy and compliance developments.