I remember building a PCI DSS compliant infrastructure in the past and it's no joke. First off, achieving compliance involves an interrogation of every aspect of how card details travel from a user's browser to your back end servers and every touch point in between. Kind of like a chain, if any link in the chain is weak, then the chain is weak. So from a PCI DSS perspective every system that touches the card details must be audited. This of course presents a problem for cloud data centres like Azure, where it's impossible to allow auditors every time a customer requires a certification. So, the way around this is for Microsoft to achieve compliance. Today's announcement means customers can now deploy applications and have them certified, so this opens up Azure for a new type of workload.
To assist customers in achieving PCI DSS certification, Microsoft is making the Windows Azure PCI Attestation of Compliance and Windows Azure Customer PCI Guide available for immediate download.
Visit the Trust Center for a full list of in scope features or for more information on Windows Azure security and compliance.
How do you think Aston Martin and United Airlines orchestrate the protection and recovery of private clouds built on Hyper-V? First they have to replicate VMs from the primary site to a secondary, this needs to be co-ordinated and monitored. Then they need a way to monitor the primary site in case of an outage. Then, a mechanism to automate the recovery of VMs, for testing purposes or in case of an outage, is needed. Basically you need a central cloud based solution to orchestrate the entire process. This is where Recovery Manager comes in to play and it went into General Availability today. You can find out more here http://www.windowsazure.com/en-us/services/recovery-manager/
There were a few more updates like staging websites, enhanced monitoring for websites and sql azure as well as support for Sencha Touch. Check out Scott Guthrie's blog for full details.