In April 2012, we launched Windows Azure Trust Center (WATC) with the goal of providing customers and partners with easier access to regulatory compliance information.  We indicated that WATC would be updated on a regular basis with additional compliance programs that Windows Azure is pursuing. As we continue to make progress on this, I’d like to share some updates with you.

Windows Azure now publishes a detailed SOC 1 Type 2 report for the core features.  The audit report is available to Enterprise Agreement (volume licensing) customers under a non-disclosure agreement.  The audit was conducted in accordance with SSAE 16 and ISAE 3402 standards.  For more information, please visit the Windows Azure Trust Center compliance page. 

The scope of the audit covers the following Windows Azure features:

  • Cloud Services (includes Web and Worker roles)
  • Storage (includes Blobs, Queues, and Tables)
  • Networking (includes Traffic Manager and Windows Azure Connect)

The following additional features were launched after the examination review period but are subject to the same controls and processes that were tested in the audit:

The SOC1 Type 2 audit report attests to the fairness of the presentation for Windows Azure service description.  It also examines the suitability of the design and operating effectiveness of the controls to achieve the related control objectives.

We strive to take a leadership role when it comes to security, privacy, and compliance practices, and will continue to share updates with you through this blog.