Skip to main content


Windows Azure PCI DSS compliance and expanded ISO certification

Microsoft announced today that Windows Azure has met two significant milestones. The milestones are related to compliance and security. The lack of PCI compliance is one thing that has kept some potential Windows Azure customers away from building services and applications on the platform. Compliance with the Payment Card Industry (PCI) Data Security Standards (DSS) will allow you to build credit card processing and transmission applications and services on Windows Azure. The ISO Certification was expanded to include several additional services provided by Windows Azure.

See a snippet from the announcement below:

Windows Azure PCI DSS Compliance and Expanded ISO CertificationWindows Azure Validated for PCI DSS Compliance Payment fraud continues to be a huge concern for the growing number of organizations that accept credit card payments. We are pleased to announce that Windows Azure has been validated for compliance with the Payment Card Industry (PCI) Data Security Standards (DSS) by an independent Qualified Security Assessor (QSA).

The PCI DSS is the global standard that any organization of any size must adhere to in order to accept payment cards, and to store, process, and/or transmit cardholder data. By providing PCI DSS validated infrastructure and platform services, Windows Azure delivers a compliant framework for you to run your own secure and compliant applications. You can more easily achieve PCI DSS certification for those applications using Windows Azure.

To assist customers in achieving PCI DSS certification, Microsoft is making the Windows Azure PCI Attestation of Compliance and Windows Azure Customer PCI Guide available for immediate download.

Visit the Trust Center for a full list of in scope features or for more information on Windows Azure security and compliance.

ISO Certification expanded to Include SQL Database and Many More Windows Azure Features

Windows Azure has successfully completed its annual ISO audit. In addition to Windows Azure Cloud Services, Storage, Virtual Machines and Virtual Networks, the ISO audit scope has been significantly expanded to include SQL Database, Active Directory, Traffic Manager, Web Sites, BizTalk Services, Media Services, Mobile Services, Service Bus, Multi-Factor Authentication, and HDInsight among others. This includes the Information Security Management System (ISMS) for Windows Azure, encompassing infrastructure, development, operations, and support for these features.

This expanded certification reaffirms Microsoft’s commitment to implementing internationally recognized information security controls so that customers can comply with the laws and regulations applicable to their use scenarios.

Visit the Trust Center for a full list of in scope features or for more information on Windows Azure security and compliance.

You can read more details on the announcement directly from Microsoft here.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Ryan Duclos

Ryan Duclos is a Lead Technical Consultant and CSM for Perficient, Inc. (PRFT), where he is passionate about Microsoft development utilizing the .Net Framework, SQL Server, and Microsoft Azure technologies. Ryan was a 2014 Microsoft MVP for Microsoft Azure. He lives and works in LA (Lower Alabama!) and loves spending time with his family, as well as being a Community Influencer for Microsoft. Ryan also a passion for Disc Golf and CrossFit! Ryan is a board member for the Lower Alabama .NET User Group and is also involved with the Pensacola SQL Server User Group, as well as other technical communities in his region. In addition, Ryan is a frequent speaker at numerous Code Camps, SQL Saturday & User Group events.

More from this Author

Follow Us