I have not found a complete copy of Microsoft’s SAS70 report for Azure but Microsoft does say that its cloud infrastructure is both Type I and Type II SAS 70 complaint as well as ISO 27001 certified. Most of this information comes from Microsoft and specifically its Global Foundation Services, which is responsible for Microsoft’s internal infrastructure, needs, and cloud infrastructure.
I am going to piece together information the best I can, so we can get see what Microsoft offers us for its cloud infrastructure.
Microsoft says in it white papers it data centers have the following capabilities/controls.
- Physical building security.
- Secure physical access for authorized personnel only.
- Redundant power supplies:
- Two main power supplies from separate providers.
- Battery backup.
- Diesel generators (with alternative fuel delivery contracts in place).
- Multiple fiber trunks connecting the data centers for redundancy.
- Climate control to ensure that equipment runs at optimal temperature and humidity.
Below are two pictures (Figures 1 & 2) of Microsoft’s data center in Chicago. Microsoft uses the concept of datacenter in a trailer/container so they can switch out an entire container instead on replacing a single blade server. These data centers can be deployed inside of a larger building or outside as a stand-alone structure.
I never hear or read about how data/hard disks are destroyed when they pull a container. I find that to be a little discerning. I would not want to see my company’s data on repurpose hardware without a triple delete or on eBay for sale.
http://www.cisco.com/en/US/netsol/ns1121/index.html Cisco has a good video and 3D model plugin that further explains datacenter in a container.