Windows Azure demonstrates the degree to which technology and services are available at the global level.  Companies around the world are using Azure to enable services and applications that serve local and global geographies.  Microsoft has done a great job of enabling Azure in many different geographies, as the following examples demonstrate.

                Sopima, a U.S. based company that provides services for managing business contract life cycles and OCCMundial, a Mexico based company that provides an online job listing application, both switched to the Windows Azure platform.  Each company plans to save U.S. $500,000 per year by using cloud services rather than maintaining their own infrastructure.  Both companies are excited that they will be able to have technical staff focus on development rather than infrastructure.  Kelley Blue Book (KBB) is moving its .NET 3.5 solution to Azure from two hosted data centers, and will be saving $100,000 per year.  KBB evaluated other software-plus-service solutions and selected Azure based on cost, ease of management and available features.

                TradeFacilitate, a company that helps importers and exporters in the European Union, needed a system that would allow them to scale out quickly and enable them to serve customers outside of the E.U. and enable efficient data transactions between the U.S. and the E.U. Utilizing the integrated development environment that is available in Visual Studio, they were able to quickly migrate their code base to run in the cloud.  By using Azure, they were able to scale their applications without needing more staff to manage a more complex infrastructure.

                TicketDirect International is a major ticketing service for venues in Australia and New Zealand.  The nature of ticket sales involves peak loads, and their internal solution requires extra staff and time to manage.  Working with a Microsoft partner, they have decided to move their solution to Windows Azure and their database to SQL Azure so that they can focus further on customer-centered needs, give up the cost of maintaining their own production hardware, and cost-efficiently enable scaling for peak loads.

                 Glympse provides a web-based location-sharing application for use with GPS-enabled phones.  The company constantly evaluates hosting services, and recently moved from Amazon to Azure for the integrated development environment.  The development environment and available services provided with Azure surpass those offered by Amazon.  Additionally, Glympse found that the performance of Azure exceeded that available with the Amazon service.

                The Associated Press provides news that is seen by more than half of the world’s population on any given day.  In an effort to encourage more applications to use information available from them, they created a highly scalable API that can be used by developers worldwide.  The company uses SQL Azure, Windows Azure and the Azure Service Bus to efficiently enable integrations, selectively expose services outside the firewall, take the worry out of capacity planning, and provide high quality development tools.  The management capabilities for deployment and capacity needs in Azure far exceeded those available with other cloud providers.

More case studies and detailed articles can be found at http://www.microsoft.com/windowsazure/evidence/

Security is essential to any computing environment, and Windows Azure is no different.  In any given field, experience is the key element to success, and Microsoft has more experience in the delivery and consumption of online services than any other company out there.  Microsoft has been managing online computing environments since 1994 when MSN was launched.  They have partnerships in place in over 100 countries that enables them to remain compliant with standards and requirements, and they provide services to hundreds of millions of customers around the world on any given day.  These partnerships and the global exposure ensure that Microsoft exercises the most stringent compliance to standards and security practices.  The Microsoft Information Security Program draws on more than 15 years of experience, and is constantly maintained and updated based on threats and security evaluations.

                The Microsoft Online Services Security and Compliance (OSSC) team manages ongoing risk analysis and security control.  The OSSC team is responsible for enabling trustworthy online services through Azure.  This team has deployed a defense-in-depth approach to security that includes regular risk management reviews, development, and maintenance of a security control framework along with ongoing efforts and collaboration with law enforcement entities around the world.  This process is not new with Azure - it has been in place since MSN was launched in 1994.  Microsoft has been maintaining the Global Foundation Services (GFS) for years, as GFS provides the foundation for MSN, Windows Live and now the Windows Azure platform.  Their practices are tried and true, and have proven successful for hundreds of millions users.

                Physical security, which provides for data privacy and service availability, is provided multiple perimeters, with access being more restricted at each perimeter.  A least privileged security policy is used, ensuring that only essential personnel actually get near the equipment.  Security measures include password, hardware tokens, smart cards and biometrics.

                Specialized hardware such as load balancers, firewalls, and intrusion prevention devices ensure the integrity and security of the cloud network.  The infrastructure actively prevents denial of service attacks and uses gateway functions on dedicated hardware to perform packet inspection and take actions such as blocking suspicious activity.  A globally redundant internal and external DNS infrastructure provides for fault tolerance while additional security controls prevent distributed denial of service attacks and protect the integrity of DNS services.  Continuous monitoring for unauthorized software and DNS zone configuration changes as well as other disruptive service events ensures a secure, reliable DNS environment.

                Microsoft classifies information assets to determine the strength of security controls to apply to data.  A matrix including the business impact and data sensitivity of compromised data is used to classify data.   For example, assets falling in the moderate impact category are subject to encryption requirements when they reside on removable media or when they are involved in external network transfers.  High impact data is additionally subject to encryption requirements for storage and for internal system or network transfers.  In Azure, symmetric encryption requires more than 128 bit keys while asymmetric encryption requires keys that are at least 2,048 bits long.