Summary of Azure Security Blog Posts

Hammad Rajjoub, an Architect Advisor in Singapore has collated this list of Azure security posts. Learn more at Global Foundation Services Online Security. The Global Foundation Services team delivers trustworthy, available online services that create a competitive advantage for you and for Microsoft’s Windows Azure.

Part 1: The Challenges, Defense in Depth. This post describes the threat landscape and introduces the plan for your application to employ defense in depth in partnership with Windows Azure.

Part 2: What Azure Provides Out-of-the-Box.This is an overview that security with Windows Azure is a shared responsibility, and Windows Azure provides your application with important security features. But then again, it also exposes other vulnerabilities that you should consider. In addition, I’ll explore how Microsoft approaches compliance.

Part 3: Identifying Your Security Frame. This post explores how you can examine your application and identify attack surfaces. The idea of a Security Frame is a way for you to look at your application to determine treats and your responses, before you even begin coding. He point you to checklists that you can use when you are architecting your application.

Part 4: What Else You Need to Do. In addition to protecting your application from threats, there are additional steps you should take when you deploy your application. We provide a list of mitigations that you should employ in your application development and deployment.

Part 5: Claims-Based Identity, Single Sign On. User identification represents the keys to accessing data and business processes in your application. In this section, I describe how you can separate user identity and the roles of your user out of your application and make it easier to create single sign on applications.

Part 6: How Azure Services Extends Your App Security. Finally, he shows how other services in Windows Azure provide secure identity mapping, messaging, and connection to on premises application. This section suggests how you can use Windows Azure Active Directory, Windows Azure Connect, and Service Bus for your cloud applications, on premises applications, and hybrid applications.

Part 7: Tips, Tools, Coding Best Practices. here are a few more items you should consider in securing your Windows Azure application. Here are some tools, coding tips, and best practices: running on the operating system, error handling, and how to access to Azure Storage

Moving from credit card to invoice payments

I have spoken to a few customers recently who have asked:

What’s the best way to purchase Windows Azure?

There are two ways to do this today.

  1. Pay-As-You-Go credit card payments
    this is a flexible way of paying for Azure without up front costs. There’s no long term commitment and you only pay for what you use.
  2. A subscription or invoice payments
    These come in 6, 12 and 36 month options with at least 20% discount for compute/database purchases and 39% for storage.

Visit for more information and pricing.

I am a pay as you go customer paying by credit card. Can I move my account to a subscription?

“This option is available upon request and may require a credit review.  Most Microsoft Volume Licensing customers will not require a credit review and can have this ability enabled right away. Customers can contact OCP customer service directly to request this.”

If you have been through this process, please get in touch. I’m keen to understand what the process was like… was it easy? Hard? Any tips to share with others about to embark on the same process?