Azure Security
Azure Security — Compliance Programs
Enterprise Companies WILL NOT BUY your software solutions unless its secure.
How are you going to meet their security compliance requirements?
We’ll only do business with you if you are…
- NIST 800-53
- PIPEDA Compliant
- HIPPA Compliant
- FIPS-140-2 Compliant
Criminal Justice Information Services (CJIS)
Any US state or local agency that wants to access the FBI’s CJIS database is required to adhere to the CJIS Security Policy.
Cloud Security Alliance (CSA) STAR Certification
Independent third-party assessment of a cloud provider’s security posture
General Data Protection Regulation (GDPR)
A European privacy law. Imposes new rules on companies, government agencies, non-profits, and other organizations that offer goods and services to people in the European Union (EU), or that collect and analyze data tied to EU residents.
EU Model Clauses
Contractual guarantees around transfers of personal data outside of the EU
Health Insurance Portability and Accountability Act (HIPAA).
US federal law that regulates patient Protected Health Information
International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) 27018.
Code of practice, covering the processing of personal information by cloud service providers.
Multi-Tier Cloud Security (MTCS) Singapore.
Operational Singapore security management Standard. A common standard that cloud service providers (CSPs) can apply to address customer concerns about the security and confidentiality of data in the cloud, and the impact on businesses of using cloud services.
Service Organization Controls (SOC) 1, 2, and 3.
independent third-party examination reports that demonstrate how the company achieves key compliance controls and objectives
National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF)
Voluntary Framework that consists of standards, guidelines, and best practices to manage cybersecurity-related risks.
UK Government G-CIoud.
Cloud computing certification for services used by government entities in the United Kingdom
Federal Information Processing Standard (FIPS) 140-2
US and Canadian government standard that specifies the security requirements for cryptographic modules that protect sensitive information.
Azure Security Center
Azure Security Center is a unified infrastructure security management system It strengthens the security posture of your data centers, and provides advanced threat protection across your hybrid workloads in the cloud.