Microsoft Windows Azure Cloud Gets ISO 27001 Certification

Microsoft is continuing its campaign of cloud security reassurance with the announcement that the Microsoft Windows Azure platform-as-a-service offering has been awarded the ISO 27001 certification by the British Standards Institute. British? Fancy!

Here’s the upshot of Windows Azure’s ISO certificate, by way of Microsoft’s official blog entry:

“The Information Security Management System for Microsoft Windows Azure including development, operations and support for the compute, storage (XStore), virtual network and virtual machine services, in accordance with Windows Azure ISMS statement of applicability dated September 28, 2011.  The ISMS meets the criteria of ISO/IEC 27001:2005 ISMS requirements Standard.”

In plainer terms, that means that a handful of core Azure features, including compute (Web and Worker roles), storage (Blobs, Queues and Tables), virtual machine (the VM role) and virtual network (Traffic Manager and Connect) are all certified under ISO 27001. In even plainer terms, it means that Azure is guaranteed to meet a certain standard of security and access.

That certification also covers the Windows Azure Management Portal and the Windows Azure service management features. Very soon, according to Microsoft, SQL Azure, Service Bus, Access Control, Caching and the Content Delivery Network (CDN) all will get their own ISO 27001 certification.

“Security” has been the watchword with Microsoft’s cloud news in December. Between Microsoft Office 365 getting its own security and compliance upgrades and this announcement, Redmond seems ready to position itself as a trust leader in the cloud computing market.

Of course, Windows Azure isn’t the first A-list cloud platform to get the ISO 27001 certification. But giving customers greater peace of mind will make for an easier sales pitch for Microsoft’s cloud partners.