Azure Privacy, Compliance, and Trust


  • Azure Policy: use policies to make sure rules are followed and resources are compliant.
  • Policy: a set of rules to ensure compliant resources
  • Role-Based Access Control (RBAC) – ensures user compliance through assigning a role to a user. A role is a combination of security principal, role definition, and scope.
  • Define user access to specific resources. Minimum Access principle. Target specific use cases.
  • Security Principal, Role Definition, Scope. Use these to permission RBAC.
  • Locks – ensure specific resources are not changed. Assign to a subscription, resource group, or resource. It can be delete or read-only. Needs to be removed in order for actions are possible again.
  • Azure Blueprints – templates for creating standard Azure resources
  • Cloud Adoption Framework – collection of documents
  • Azure Advisor for Security Assistance – same as Azure Security Center.

Azure Monitor

  • Finds resources that aren’t performing 100%
  • Uses telemetry to provide Azure Monitor with smooth running
  • Constant Feed
  • Fully Managed
  • Query Language
  • Machine Learning

Azure Service Health

  • Service maintenance or update maintenance
  • Planned and unplanned incidents to highlight service issues without affecting your resources


  • General Data Protection Regulation (GPDR) – protect individuals with respect to processing of personal data
  • ISO Standard – quality and customer satisfaction (ISO 9001:2008) also includes food safety and environmental management
  • NIST – focuses purely on the tech industry. Developed primarily for US Federal Agencies. Compliance with NIST means compliance with multiple Federal US regulations
  • Azure Compliance Regulation Manager – recommendations for compliance with GDPR, ISO, NIST, and others. Tasks – team members to track progress. Compliance Score – chase a perfect score
  • Secure Storage – Upload documents to prove compliance and secure safely
  • Reports – get reports of compliance data to provide to managers and auditors
  • Azure Government Cloud – available to US government and approved contractors
  • Azure China Region – all within china, complies with applicable Chinese regulations


  • Microsoft Privacy Statement


  • Trust Center – learn about things to make sure you don’t lose trust in Azure
  • Service Trust Portal – location to review independent reports and audits performed on Microsoft’s products and services. Azure complies with more standards than any other cloud provider.

Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.