Microsoft gains EU security approval



Last week Microsoft announced that European Union’s data protection authorities have found that Microsoft’s enterprise cloud contracts meet EU privacy law standards. This is good news for companies using Microsoft’s enterprise cloud services – in particular, Microsoft Azure, Office 365, Microsoft Dynamics CRM, and Windows Intune.

In a recent blog post, Brad Smith, General Counsel and Executive Vice President of Legal and Corporate Affairs at Microsoft, noted that “Microsoft is the first – and so far the only – company to receive this approval.”

This is good news for those using Microsoft’s enterprise cloud services because it now means security and privacy concerns have been addressed on a global level.

According to Smith, “By acknowledging that Microsoft’s contractual commitments meet the requirements of the EU’s “model clauses,” Europe’s privacy regulators have said, in effect, that personal data stored in Microsoft’s enterprise cloud is subject to Europe’s rigorous privacy standards no matter where that data is located. This is especially significant given that Europe’s Data Protection Directive sets such a high bar for privacy protection.”

Smith highlights three key benefits to customers. First, “should the EU suspend the Safe Harbor Agreement with the U.S., as called for recently by the European Parliament, our enterprise customers won’t need to worry that their use of our cloud services on a worldwide basis will be interrupted or curtailed.

 “Second, even if the Safe Harbor Agreement remains in place, it covers only transfers from Europe to the U.S. Our approved contractual commitments, by contrast, enable transfers globally.

 “Third, we have had and will continue to do the hard work to ensure that we can comply both technically and operationally with the stringent obligations imposed by these contractual commitments. All of our customers, whether they have operations in Europe or elsewhere, benefit from the strong engineering protections we have put in place as a result.”

Enterprise customers should be able to see these benefits implemented by July 1 of this year. As Smith explains in his post the EU approval requires that customers execute a short, standardized addendum to their current agreements in order to take advantage of this new recognition, and Microsoft is working to facilitate this.

Smith goes on to state “While we join others in our industry in calling for governments to respect the free flow of information, we also believe in putting our customers’ needs first. That’s why we previously announced our commitment around implementing encryption and enabling enterprise customers to store their content in existing data centers in their region.”

He wraps up his post with these thoughts, “Ultimately, customers will entrust their information to the cloud only if they have confidence that it will remain secure there. This week’s approval by the European data protection authorities is another important step in ensuring customers trust Microsoft’s cloud services.”

You can read Brad Smith’s complete post here.



Guy Wright

Guy Wright has been covering the technology space since the days when computers had cranks and networks were steam powered. He has been a writer and editor for more years then he cares to admit. He has lost count of the number of articles, blogs, reviews, rants and books that he has published over the years, but he hasn’t stopped learning and writing about new things.


More

The Churchill Club’s VCs Predict the Death of Automobiles

Or how to really piss off Ford, GM, Toyota, Fiat, Mercedes Benz and a host of others in 3 easy lessons.

Creepy toys or polished chrome – what’s the difference?

There have been a number of stories about Google's patents for cute, cuddly IoT-enabled stuffed toys

Why You NEED To Change Your Marketing Because of News Aggregators

In a few short years, news aggregators have changed the way millions of people digest their news and information and this has a profound effect on your marketing