da Agency

Azure compliance white paper-o-rama

Following national and regional regulations of the countries your business operates in is not an easy task, yet it is an absolute necessity as businesses across all industries see their customer bases expand geographically. Whether you’re a business or an organization operating within the boundaries of a single country or across the globe, you can confidently move to the cloud and still maintain alignment with regional and international requirements. To help our customers understand how to deploy in Azure while successfully interpreting US and international governance requirements, we produced a series of documents that can be leveraged during your cloud adoption journey.

The following white papers include guidance for US law enforcement, US education, UK G-cloud, and Cloud services in Germany, Malaysia, New Zealand, Singapore, and Australia. These papers shed light on the nuances we want our customers to be aware of when interacting with government or regional authorities as it relates to adopting Azure cloud services.
 
Here's a short summary of our most recently produced white papers:

 The CJIS Implementation Guidelines for Azure Government, Office 365 Government, Dynamics CRM Online Government white paper is designed to provide insight into the Criminal Justice Information Services (CJIS) security controls applicable to Microsoft Cloud services, and provide guidance to law enforcement agencies on where to access detailed information to assist in CJIS audits. This document provides guidelines and resources to assist CJIS Systems Agencies (CSA) and law enforcement agencies (LEA) in implementing and utilizing Microsoft Government Cloud features, which meet the applicable CJIS certification standards and are consistent with FBI CJIS Security Policy.
The FERPA Implementation Guide for Microsoft Azure white paper helps educational organizations that are considering a move to Azure and are looking for guidance in designing and operating solutions that incorporate security controls to help them meet their compliance challenges. This paper provides insight into how Microsoft meets its compliance obligations on the platform and presents best practices and security principles that are aligned to the Family Educational Rights and Privacy Act (FERPA), International Organization for Standardization (ISO) 27001, Microsoft’s Security Development Lifecycle (SDL), and operational security for online security.  
The Microsoft Cloud Germany for commercial customers in the European Union (EU) and European Free Trade Association (EFTA) white paper provides guidance on how to store and manage customer data in compliance with applicable German laws and regulations as well as key international standards. By leveraging the Microsoft developed data trustee model that provides and enables European customers to move to the cloud, EU and EFTA customers can achieve compliance while utilizing Azure cloud services.
The Microsoft Azure Compliance in the context of Malaysia Security and Privacy Requirements white paper addresses Malaysian regional compliance matters in the context of Malaysia Security and Privacy Requirements. Read this white paper to learn more about the questions faced by customers in Malaysia who are considering a move to the cloud.
The Microsoft Azure Compliance in the context of New Zealand Security and Privacy Requirements white paper is written for IT decision makers in New Zealand who are considering whether to move their data to Microsoft Azure. This paper addresses questions like: Does Microsoft Azure meet New Zealand’s compliance requirements? Where is data stored and who can access it? What is Microsoft doing to protect data? How can a customer verify that Microsoft is doing what it says? New Zealand organizations in need of meeting compliance requirements can read this paper to learn about Azure key security and privacy principles that will enable them to meet their compliance goals.
The Microsoft Azure Compliance in the context of Australia Security and Privacy Requirements white paper is written for Australian organizations looking to navigate their country-specific security and privacy requirements. Protecting data, monitoring and securing access, and meeting customer promises are achieved by Azure through implementing security and privacy principles, enabling Australian customers to leverage our cloud offerings with confidence. 
The Microsoft Azure Compliance in the context of Singapore Security and Privacy Requirements white paper addresses the Singapore standards Multi-Tier Cloud Security (MTCS) and how Microsoft complies with the Singapore Personal Data Privacy Act (PDPA). This means both government and commercial customers can have confidence knowing they comply with Singapore legislative and certification requirements when deploying data to the cloud.
The 14 Cloud Security Controls for UK cloud using Microsoft Azure white paper provides customer strategies on moving their services to Azure while meeting their UK obligations mandated by the CESG/NSCS. Customers of the UK can learn how Azure can be used to help address the 14 controls outlined in the cloud security principles. This paper also outlines how customers can move faster and achieve more while saving money as they adopt Azure cloud services.

These white papers represent a set of new guidance created to help customers understand local laws and governance issues, and provide insight into the local regulatory requirements when deploying to the cloud. Check out these papers as well as other useful guidance on the Microsoft Trust Center.
Quelle: Azure

da Agency

Database collation support for Azure SQL Data Warehouse

We’re excited to announce you can now change the default database collation from the Azure portal when you create a new Azure SQL Data Warehouse database. This new capability makes it even easier to create a new database using one of the 3800 supported database collations for SQL Data Warehouse. Collations provide the locale, code page, sort order and character sensitivity rules for character-based data types. Once chosen, all columns and expressions requiring collation information inherit the chosen collation from the database setting. The default inheritance can be overridden by explicitly stating a different collation for a character-based data type. Changing collation To change the default collation, you simple update to the Collation field in the provisioning experience. For example, if you wanted to change the default collation to case sensitive, you would simply rename the Collation from SQL_Latin1_General_CP1_CI_AS to SQL_Latin1_General_CP1_CS_AS. Listing all supported collations To list all of the collations supported in Azure SQL Data Warehouse, you  can simply connect to the master database of your logical server and running the following command:SELECT * FROM sys.fn_helpcollations();
This will return all of the supported collations for Azure SQL Data Warehouse. You can learn more about the sys.fn_helpcollations function on MSDN.
Checking the current collation
To check the current collation for the database, you can run the following T-SQL snippet:SELECT DATABASEPROPERTYEX(DB_NAME(), ‘Collation’) AS Collation;
When passed ‘Collation’ as the property parameter, the DatabasePropertyEx function returns the current collation for the database specified. You can learn more about the DatabasePropertyEx function on MSDN.
Learn more
Check out the many resources for learning more about SQL Data Warehouse, including:

What is Azure SQL Data Warehouse?
SQL Data Warehouse best practices
Video library
MSDN forum
Stack Overflow forum
Quelle: Azure

da Agency

Introducing the 2016 Future of Cloud Computing Survey – Join the cloud conversation

North Bridge, a leading venture capital firm, Wikibon, a worldwide community of practitioners, technologists and consultants dedicated to improving the technology adoption, have partnered to launch the sixth annual Future of #Cloud Computing Survey.

Microsoft participates in this survey regularly because your feedback on cloud computing is important to us and the industry. We want to hear about your plans for cloud, where it is making an impact across your organization, and what cloud technologies and capabilities you are prioritizing in your business.

We invite you to be among the first to TAKE THE SURVEY and share it with your network. By doing so you will help all of us in the industry get a better view on what customers are doing with cloud computing and identify emerging trends.

Results of the survey will be announced later this year and we will be back here to share the findings with you in November.

We look forward to hearing from you!
Quelle: Azure

da Agency

Azure App Service improves Node.js and PHP developer experience

In March 2015, Azure App Service entered general availability with the goal of making it easier for developers to do cool things in the cloud. This Platform as a Service (PaaS) for web and mobile developers has seen rapid growth with over 350K active customers and over one million active applications hosted on Azure. In addition to a great experience for .NET developers, it also includes support for the PHP, Node.js, Java and Python stacks as well as a number of open source web products. Today, we’re releasing a preview that introduces native Linux support for Node.js and PHP stacks.

App Service gives web and mobile developers a fully managed experience that takes away the effort of day to day management of the web server and operating system. To deliver that experience, we built on Microsoft’s unique differentiators with Windows Server. While PHP and Node.js have also been supported in App Service since the launch, we’ve heard loud and clear from some developers that having to deal with operating system compatibility quirks, like "path too long" errors with NPM or the web.config files and page rendering pipelines is too cumbersome. The preview now gives you the ability to choose Linux as an alternative to Windows as the base platform, making your web application run on Linux natively instead of Windows and thus making it easier for you to  work directly with .htaccess files or avoid using modified extensions or code. This includes streamlined deployment abilities with deployment slots, custom domains, SSL configuration, continuous deployment and horizontal and vertical scaling.

App Service is used heavily by our customers for digital marketing solutions running content management systems (CMS). In fact, WordPress makes up over fifty percent of this usage and another forty percent being other LAMP stack CMS's such as Drupal and Joomla!. All of these require some tweaking to run on Windows. In some cases, plug-ins and extensions are not supported which blocks deployments. With this preview, we have updated our marketplace instance of WordPress to run on Apache/Linux. We plan to have updates for Drupal and Joomla! in the future.

Data solutions on App Service

We are also working closely with web developers on improving your experience in App Service related to data solutions. Over the last few months, we’ve come a long way in our data solution portfolio for Web developers, including revamping our PHP client drivers for Azure SQL, a new version of the JDBC drivers, expanded support for Linux on our ODBC drivers, MongoDB protocol support in DocumentDB and an early technical preview of the new PHP on Linux SQL Server drivers. We will continue working on more data solutions that make it easier for web developers to bring great applications to market on Azure, whatever the language, stack and platform!

Azure offers many solutions for hosting MySQL, including:

ClearDB managed MySQL solutions including ClearDB database and ClearDB Clusters
Marketplace solutions for MySQL, MariaDB and other MySQL-compatible solutions from partners like Bitnami and MariaDB
Community-contributed Azure Resource Manager (ARM) templates deploying on VMs
MySQL on virtual machine on Linux or Windows OS

In August we announced MySQL in-app for quickly spinning up MySQL dev/test stacks on App Service. We have a similar MySQL dev/test capability as part of the Linux preview.

Getting started

The preview of App Service on Linux is available today to all Azure customers. To get started, sign in or start a free trial and create an App Service instance. More information available in the App Service documentation.

We would love to hear your feedback on this preview. Please visit our feedback page to get it in the hands of our team.
Quelle: Azure

da Agency

Set expiration date for VMs in Azure DevTest Labs

In scenarios such as training, demos and trials, you may want to create virtual machines  and delete them automatically after a fixed duration so that you don’t incur unnecessary costs. We recently announced a feature which allows you to do just that; set an expiration date for a lab VM.

This feature is currently only available using our APIs which you can use through Azure resource manager (ARM) template, Azure PowerShell SDK and Azure CLI.

You can create a lab VM with an expiration date using an ARM template by specifying the expirationDate property for the VM. You can check out a sample Resource Manager template in our public GitHub repository. You can also modify any of the existing sample Resource Manager templates for the VM creation (name starting with 101-dtl-create-vm) by adding the expirationDate property.

For more details on this feature and what’s coming next, please check out the post on our team blog.

Please try this feature and let us know how we can make it better by sharing your ideas and suggestions at the DevTest Labs feedback forum.  Note that this feature will be available soon in the Azure portal as well.

If you run into any problems with this feature or have any questions, we are always ready to help you at our MSDN forum.
Quelle: Azure

da Agency

What’s brewing in Visual Studio Team Services: October 2016 Digest

This post series provides the latest updates and news for Visual Studio Team Services and is a great way for Azure users to keep up-to-date with new features being released every three weeks. Visual Studio Team Services offers the best DevOps tooling to create an efficient continuous integration and release pipeline to Azure. With the rapidly expanding list of features in Team Services, teams can start to leverage it more efficiently for all areas of their Azure workflow, for apps written in any language and deployed to any OS.

Git best practice with Team Services: Branch Policies

How can you ensure you are finding bugs before they’re introduced into your codebase while still ensuring you have the right people reviewing? Branch policies can go a long way to enhancing your Pull Requests workflow.

Becoming more productive with Git: Tower and Team Services

Working with Git in Visual Studio Team Services and Team Foundation Server just became even easier: the popular Git desktop client Tower now comes with dedicated integrations for these services.

One-click Import of Git repositories into Team Services

Teams can now import a Git repository from GitHub, BitBucket, GitLab, or other locations. You can import into either a new or an existing empty repository.

Enable continuous deployment to App Stores with Team Services

Whether you build apps for the iOS, Android or Windows, Team Services has app store extensions that make it easy to publish your app and set up continuous deployment

New features released in September 2016

Two rounds of Team Services updates in September empower your team to get stuff done faster so you can enjoy those pumpkin spice lattes and the crisp autumn air. Custom work item types, more static analysis options in builds and a new feedback option in the Exploratory Testing extension are just a few among many new delightful updates.

 

Build and Release pricing update

Release Management is coming out of trial mode in Team Foundation Server “15”. Learn more to see how teams get billed for releases in Team Services and TFS post TFS “15” release.

New build queue tab

A redesign of the Queued builds experience in the Build hub brings richer details of your queued/running builds in a more intuitive way.

Changes to the way you log into Team Services

The new screens simplify login for users in organizations that use Azure Active Directory, bringing the experience more in line with the way you login to Azure, Office 365, etc.

Quelle: Azure

da Agency

New resource blade for Azure SQL Data Warehouse

We’re happy to introduce a new top level resource blade for Azure SQL Data Warehouse that allows you to quickly manage all of your databases. You can use the SQL Data Warehouse resource blade to quickly scan through your data warehouse for details like the name, status, server, pricing tier, location, and subscription. You can find the new SQL Data Warehouse resource blade on the left navigation. Simply click the SQL data warehouses link to get started. Customization If you can’t see the new left navigation or would like to move it the top of your Azure portal, you can use the customization features of the Azure portal to place the link we’re you would like. Enable the SQL Data Warehouse Link If the link is not enabled in your portal, you will have to manual enable it. To enable the link, you can click on the Show Menu link in the left navigation. Once expanded, click on the More Services link at the bottom of the list of items. Then scroll to find the SQL data warehouses link. Simply click the star on the right, turning it to yellow, and the link will appear. Moving the Link You can move the link anywhere on the left navigation exposing the grab handle. You can simply drag the link to anywhere on the left navigation. Learn more Check out the many resources for learning more about SQL Data Warehouse, including: What is Azure SQL Data Warehouse? SQL Data Warehouse best practices Video library MSDN forum Stack Overflow forum
Quelle: Azure

da Agency

Microsoft Cloud in India

As we celebrate the one-year anniversary of the Microsoft Cloud in India, I wanted to share some examples of the great outcomes our customers have been able to achieve since moving to the cloud, as well as some of our continued efforts to make Microsoft Azure the platform of choice for customers in India. 

In September 2015, Microsoft was the first global cloud provider to offer services from local datacenters in three regions in India (Central, South and West). These regions provide our customers with trusted cloud services that help them meet local compliance and policy requirements. In addition, replication of data in multiple datacenters across India gives customers reliable, geo-redundant data protection for business continuity, for both pure cloud and hybrid scenarios.

With India’s rapidly expanding economy, we see an incredible opportunity to help customers of all sizes and industries take advantage of the cloud. Today, customers across the public sector, financial services, healthcare, and rapidly growing startups, are all choosing Azure to help go faster, achieve more, and grow their businesses. As we look back on the past year, we are proud to see our customers’ achievements, for example: 

Reliance General Insurance bringing health benefits to millions of under-privileged people across the country
Sri Chaitanya Schools delivering superior quality personalized education
Fortis Healthcare creating value for healthcare organizations and patients

Since launch, we have continued expanding our service offerings and provided over 50 Azure services locally, combined with compliance certifications such as ISO 27001, ISO 27018, SOC 1, SOC 2, and PCI.

Today, I’m pleased to share that we are continuing our investment in India by opening additional subscription options. We have enabled Indian customers to access Azure’s India regions via credit card (direct online subscriptions). This allows customers to leverage the full power of our hyperscale offering on demand. Additionally, we have enabled Cloud Solution Provider (CSP) subscriptions to access India regions. Our CSP partners around the world deliver high value services on top of Azure, with fully integrated customer support and billing. We are very excited to expand these programs to India, and expect them to continue to fuel innovation in the market.
Quelle: Azure

da Agency

Encryption At Rest with Azure Site Recovery is now generally available

We are excited to announce that Encryption At Rest with Azure Site Recovery (ASR) which was in Private preview earlier, is now Generally Available (GA). This follows the recent announcement from the Azure Storage team on the General Availability of this feature.

Storage Service Encryption (SSE) helps your organization protect and safeguard data to meet your organizational security and compliance commitments. ASR’s support for Storage Service Encryption delivers further on our promise of providing an enterprise-class, secure and reliable business continuity solution.

With this feature, you can now replicate your on-premises data to storage accounts with Encryption enabled. Encryption can be enabled via the portal on the storage account’s Settings pane as shown in Figure: 1.

If you want to programmatically enable or disable Encryption, you can use the Azure Storage Resource Provider REST API, the Storage Resource Provider Client Library for .NET, Azure PowerShell, or the Azure CLI, details of which can be found in the feature overview from the Azure storage team.

Figure: 1

After enabling encryption, this storage account can be specified as a target for replication while setting up protection for your workloads using Site Recovery as shown in Figure: 2. 

All the replicated data would now be encrypted prior to persisting to storage and decrypted on retrieval. Upon a failover to Azure, your machine would run off of the encrypted storage account.

Figure: 2

Below are a few considerations to keep in mind when using this feature:

All encryption keys are stored, encrypted, and managed by Microsoft.
The experience when using ASR does not change when replicating to SSE-enabled storage accounts.
If you have been using ASR for protecting your workloads, you can turn on SSE for storage accounts used to store the replicated data. Once you do this, all data replicated to these storage accounts from then on (fresh writes) would be encrypted. Data replicated and stored in these storage accounts prior to enabling SSE would not be encrypted.
If you intend to replicate your workloads to premium storage, you will need to turn on SSE on both the premium storage account and the standard storage account used for storing replication logs (configured at the time of setting up replication). 

Support matrix for this feature is specified below for your reference:

Support Matrix

Supported Workloads

All workloads supported by ASR for DR to Azure including
 
VMware virtual machines/physical servers.
Hyper-V VM’s managed by System Center VMM
Hyper-V hosts without System Center VMM.

Storage Type
Standard storage
Premium storage (For VMware virtual machines/physical servers)

Deployment model
Resource Manager

 

For a complete understanding of how SSE works, please refer to the detailed SSE documentation from the Azure storage team.

Ready to start using ASR? Check out additional product information, to start replicating your workloads to Microsoft Azure using Azure Site Recovery today. You can use the powerful replication capabilities of Site Recovery for 31 days at no charge for every new physical server or virtual machine that you replicate. Visit the Azure Site Recovery forum on MSDN for additional information and to engage with other customers, or use the ASR UserVoice to let us know what features you want us to enable next.

Azure Site Recovery, as part of Microsoft Operations Management Suite, enables you to gain control and manage your workloads no matter where they run (Azure, AWS, Windows Server, Linux, VMware or OpenStack) with a cost-effective, all-in-one cloud IT management solution. Existing System Center customers can take advantage of the Microsoft Operations Management Suite add-on, empowering them to do more by leveraging their current investments. Get access to all the new services that OMS offers, with a convenient step-up price for all existing System Center customers. You can also access only the IT management services that you need, enabling you to on-board quickly and have immediate value, paying only for the features that you use.
Quelle: Azure

da Agency

OMS TECH Fridays – Fall 2016 season

You are Invited!

Join us every other Friday for an hour focused on technical information regarding Microsoft’s Business Continuity and Disaster recovery Solutions including Azure Site Recovery (ASR), Azure Backup (AB), Operational Insights (OI), Azure Automation (AA), and related technologies. This call is open to our customers and partners with the general outline being as follows:

OMS (Operations Management Suite) overview (10-15 minutes)
Technical deep dive/partner focus of the week (30 minutes)
Q&A (10-15 minutes)

You can join the call via Skype and you can make sure you do not miss any off the series by adding our Calendar Invite

If you missed a session, all session will be recorded and posted at our OMS TECH Fridays Channel.

Session Re-Caps

September 16th: Azure Site Recovery – Deployment Troubleshooting​

September 30th:  Vmware to Hyper-V Migration with ASR Scout
Quelle: Azure