I get a bunch of security-related questions daily specifically targeted toward Windows Azure everyday. I’m always steering people in the the direction of information readily available online. I want to reiterate some of the key guidance to refer to before deploying Windows Azure cloud applications. Through enhanced knowledge, you have the ability to reduce the attack surface of your Azure applications, because you will have architected and designed from a securely educated perspective. :)
Securing Microsoft's Cloud Infrastructure This downloadable document addresses issues like physical security, data center access and operational policies, and a host of ancillary information.
Security Best Practices for Developing Windows Azure Applications This white paper focuses on the security challenges and recommended approaches to design and develop more secure applications for Microsoft’s Windows Azure platform. It is intended to be a resource for technical software audiences: software designers, architects, developers and testers who design, build and deploy more secure Windows Azure solutions.
Windows Azure Training Kit The Azure Services Training Kit includes a comprehensive set of technical content including hands-on labs, presentations, and demos that are designed to help you learn how to use the Windows Azure platform including: Windows Azure, SQL Azure and AppFabric. Several of the presentations and hands-on labs focus on security and identity. The June release includes new and updated labs for Visual Studio 2010.
Microsoft Patterns & Practices Windows Azure Security Guidance This codeplex site has a good balance of researched information, including code samples. This is the evolving knowledge base for the Windows Azure Security Guide project the p&p team is working upon.
Cloud Security - Crypto Services and Data Security in Windows Azure This MSDN Magazine article reviews some of the cryptography services and providers that application developers can leverage in Windows Azure.
Identity Developer Training Kit The Identity Developer Training Kit contains a set of hands-on labs, documents and references that will help you to learn how to take advantage of Microsoft's latest identity and access control developer's products and services.
Managing Databases and Logins in SQL Azure This MSDN article describes how you can use the server-level principal and other accounts to manage logins and databases in SQL Azure.
Hope this helps, and I would love to hear feedback from those of you building on the Windows Azure platform!