Great White Paper on Azure Data Security Just Published

Microsoft has published a really good white paper on Azure Data Security.  You can find the paper here.

The paper focuses on key issues around allocation of customer storage space and how this storage is secured during allocation and when it is de-allocated.  Microsoft outlines how customer data is destroyed as it is de-allocated so that there is no method for another customer getting access to that data if they are randomly allocated a previously used storage block.

image

Data destruction techniques vary depending on the type of data object being destroyed, whether it be whole subscriptions themselves, storage, virtual machines, or databases. In a multi-tenant environment such as Microsoft Azure, careful attention is taken to ensure that one customer’s data is not allowed to either “leak” into another customer’s data, or when a customer deletes data, no other customer (including, in most cases, the customer who once owned the data) can gain access to that deleted data.

In a shared storage service such as Azure, this protection of customer data is a fundamental requirement for ensuring that your data is protected from other customers (and/or malicious hackers).