National Cloud

content C&E FY17

consistent hybrid
cloud platform
scenario
Kelli Primavera
July 15, 2016
Opportunity
Unlocking blocked Data residency, compliance, performance
customers Public sector currently trails the commercial sector in cloud adoption by
59% (11% vs. 27%)
Multi-National customers

Industry In FY15, Government, Public Safety and National Security, Healthcare, and
Growth Education industries are present in 238 countries accounting for $44.1B of
cloud-transformation products and services deployed both on and off
premises. This market is projected to grow to $53.7B in FY18 (IDC)

Synergistic Experience with Azure Government and many of our local datacenters shows
Growth that not only do customers purchase a sovereign or local service, but we also
see an increase in sale of our commercial offering by the same set of
customers.
 Engage your Transform your
customers products

Digital
Transformation

Empower your Optimize your

employees operations

3
Cloud momentum continues to accelerate

By 2020, a corporate no-cloud The question is no longer:
policy will be as rare as a How do I move to the cloud?
no-internet policy is today1 Instead, its Now that Im in the
cloud, how do I make sure Ive
optimized my investment
and risk exposure? 2
By 2020 clouds will stop being
referred to as public and
private. It will simply be the
way business is done and IT
is provisioned. 3

1Gartner: Smarter with Gartner, Why a No-Cloud Policy Will Become Extinct, February 2, 2016
2KPMG: 2014 Cloud Survey Report, Elevating business in the cloud, December 10, 2014
3IDC: IDC Market Spotlight, Cloud Definitions and Opportunity, April 2015

4
Compliance & data residency a key factor in cloud adoption
Security and privacy are stated most important considerations while compliance
drives behavior
Top 20 Customer Requirements Related to Trust
3000 customers were asked
to rank their top 20 Security
requirements related to
1 2 3

cloud trust
Compliance

Compliance was ranked the

second in regards to Transparency

importance to cloud trust Privacy Other

Microsoft: Trusted Cloud Survey, 2016

5
Azure infrastructure investments
34 Azure regions worldwide

United Kingdom
South
North Central US

United Kingdom West

West Europe
Central US Canada Central
Canada East North Europe Germany Korea Central
US Gov
Northeast** Korea South
East US China West*
US DoD Japan East
Germany Central**
West Japan West
West Central US East US 2 China East*
US Gov West India
US DoD East East Asia
South Central US South India
Central India

Southeast
Asia
100 + datacenters
One of 3 largest networks in the world
Brazil South
Australia East
*Operated by 21 Vianet
**German data trustee services Australia Southeast

provided by T-systems

6
Industrys largest compliance portfolio
Microsoft is meeting customer security needs with the industry's largest compliance portfolio
Worldwide

ISO ISO Cloud Controls Shared Content Delivery and

PCI DSS Level 1 SOC 2 Type 2 SOC 1 Type 2
27018 27001 Matrix Assessments Security Association
National

China Multi
HIPAA / European Union ENISA China China Singapore Australian Signals New Zealand Japan
Layer Protection
HITECH Model Clauses IAF GB 18030 CCCPPF MTCS Level 3 Directorate GCIO Financial Services
Scheme
Government

Section 508 United Kingdom FedRAMP FIPS 140-2 21 CFR FERPA DISA Level 2 CJIS IRS 1075 ITAR-ready
VPAT G-Cloud JAB P-ATO Part 11

7
 Investments to address business and regulatory needs
Infrastructure geo-expansion helps address some common cloud blockers for
many geographies and industries.

Specific compliance certifications unblock what were once only on premises

Compliance apps/workloads Ex: IRAP

Data Local datacenters allow customer data at rest to be kept within a geography,
Residency enabling customers to help meet local data residency requirements*

Local datacenters can help reduce latency for developers and partners,
Performance fueling local innovation

*For further details, see http://azuredatacentermap.azurewebsites.net/

8
The cloud is a model, not just a place
The cloud operating model prioritizes speed and empowers developers. Hybrid cloud allows the model to
be utilized consistently across public, partner, and private cloud environments, providing ultimate
flexibility.

Microsoft datacenter Partner datacenter Customer datacenter

Global: Sovereign: Cloud services deployed on Deployed on customer-

Hyper-scale, globally
connected cloud services
deployed from regional
Microsoft datacenters. Local
datacenters enable
customers to address local
data residency requirements.
Hyper-scale cloud services,
isolated from global cloud
services. Deployed from
local datacenters to meet
unique requirements of
specific markets.
dedicated resources, hosted
or operated by a Microsoft
partner. Provides
integrated or industry-
specific service offerings.
dedicated resources with
Microsoft products and
technologies. Benefit from
cloud experiences on your
own premises.

Public Private
Hybrid
9
How do I determine the best fit for my needs?
There are a set of core factors to take into account when determining the best option(s) to meet
your needs

Public Sector or restricted industry? Data Residency and/or Sovereignty

Am I part of local or federal government, or in an industry with Do I have data residency requirements and/or sovereignty that I
specific restrictions? need to fulfill?

Compliance Cost
What are the compliance requirements that I need
Is price a major factor in your decision making process?
to abide by?

Eligibility Latency
Is lightning speed performance crucial to my business or
Which datacenters am I eligible to use?
industry?

Service Availability Customization

Do I have a solution that requires customization beyond what is
What services am I interested in using?
available in the public cloud?'

Customer/Subsidiary Location Data governance standards and policies

Do I have branch offices or customers located in other countries? Do I have data governance processes and/or controls that I need
Would these users employ a different cloud model? to follow?

10
What is cloud data governance and why is it important?
Cloud data governance drives business transformation, agility, and collaboration, to
increase your competitive advantage

What it is
A set of processes and controls for managing data by harnessing the power
of the cloud

Why its important

Reduces data complexity and costs, delivers new insights from powerful data
analytics tools, helps organizations meet standards for security, privacy, and
compliance

11
Five Steps to Data Governance Adoption

Define business
objectives
1

Operationalize
data strategy
and implement 5 Develop
2 data strategy
change control
process and policy

4 3

Inventory and Set up

classify data stewardship model
Azure meets stringent government
compliance requirements. It provides
the same security levels that used to
require having servers behind a DMZ
[demilitarized zone], which is kind of
revolutionary. Microsoft Canadian
datacenters further help us serve
customers who felt they were blocked
from the cloud due to data residency
requirements.

Jeff Parsons
EVP of Global Business
Azzimov

13
We chose Microsoft Cloud, Germany
because with it we have all the benefits
and advantages of the highly scalable
Azure Cloud and it is the only
Hyperscaler capable of meeting our
strict demands regarding German
privacy protection. Servers based in
Germany paired with the trustworthy
and reliable server management
carried out by T-Systems were the two
key deciding factors for us.

Detlef Schmuck
COO
TeamDrive

14
For Memphis Police Department we
delivered the fast and scalable Getac
Veretos Evidence Management System
that supports CJIS security policies. In
many cases, data moves seamlessly
from the officer and the vehicle directly
to the Azure Government Cloud. This
streamlined, secure hosted model
eliminates many of the hidden costs
and processes associated with running
an internal network infrastructure.

Scott Shainman
President North America
Getac

15
Resources

Microsoft Datacenters

Trust Center: Compliance

Trust Center: Where Is My Customer Data?

Hybrid Cloud Platform

16
Azure geographic views
Azure regions in the United States
Global offerings

10 Azure regions in the United States

Customer data at rest is kept within the US, enabling customers to address
most data residency requirements
Open to all public cloud users
Azure regions can be selected, including access to WW regions

Sovereign
Central US
Microsoft Cloud for Government
West Central US North Central US
US Gov Data is stored within the U.S. and provides a physical and network-isolated
instance of Microsoft Azure
US DoD
West Provides screened U.S. persons and policies to help protect customer data and
East US applications
Offers continuous commitment to meet rigorous compliance demands
East US 2 (i.e. FedRAMP, CJIS, HIPAA) of a government-community cloud
US Gov
Microsoft Cloud U.S. Dept. of Defense*
US DoD East
Two new physically isolated Azure Government regions for Department of
South Central US
Defense
First of a kind, datacenters are architected to meet stringent DoD security
controls and compliance requirements
Designed to meet specific controls and commitments defined in the DoD
Cloud Computing Security Requirements Guide (SRG) that require the specific
engineering controls in place for data permitted to be stored in the cloud
*DoD datacenters have been announced but are not yet operational

For updated compliance information visit the Microsoft Trust Center. For data residency details, see http://azuredatacentermap.azurewebsites.net/. 19
Making the right choice in the United States
Compliance in the United States

Microsoft has exceeded the LAPD's expectations in this regard by

taking on the difficult requirements of the CJIS regulatory regime
and meeting them head-on.
CDS FERPA CSA CCM DIACAP FIPS 140-2 GxP
Sanjoy Datta
Information Security Officer
Los Angeles Police Department

ISO/IEC ISO/IEC NIST Microsoft Azure is well known for its industry-leading security and
PCI-DSS 27001 27018 MPAA 800-171
reliability and, with it, we can provide the most secure and compliant
cloud capability to our customers.
Rick Smith
CEO
Shared Section TASER
SOC 1 SOC 2 SOC 3
Assessments 508 VPATs
In working with law enforcement, we need to meet several security
Federal Government Compliance and privacy standards - particularly CJIS. Microsoft Azure and Azure
Government are the only major platforms that meet those
standards.
Ken Smith
Founder/Head of Product
Rejjee
HIPAA/ FDA 21 CFR
CJIS FedRAMP IRS 1075 DISA FISMA
HITECH Part 11

For updated compliance information visit the Microsoft Trust Center

20
Azure regions in Canada
Global offerings

Canada
Microsoft Azure is generally available from two local datacenter regions
Data replication occurs within Canada for business continuity
Customer data at rest is kept within Canada, enabling customers to address
most local data residency requirements
Open to all public cloud users
Azure regions can be selected, including access to WW regions

Canada East

Canada Central

For updated compliance information visit the Microsoft Trust Center. For data residency details, see http://azuredatacentermap.azurewebsites.net/.
21
Making the right choice in Canada
Compliance in the Canada
We encourage innovation and we are excited to be taking
advantage of the newly opened Microsoft Canadian datacenter
where we will begin moving more than 35,000 users to the Microsoft
Canadian cloud over the coming years.
ISO/IEC ISO/IEC
CDS CSA CCM MPAA
27001 27018 Labi Kousoulis
Minister Internal Services
Province of Nova Scotia

Azure meets stringent government compliance requirements. It

Shared provides the same security levels that used to require having servers
PCI-DSS SOC 3 SOC 2 SOC 1
Assessments behind a DMZ [demilitarized zone], which is kind of revolutionary.
Microsoft Canadian datacenters further help us serve customers who
felt they were blocked from the cloud due to data residency
requirements.
Jeff Parsons
EVP of Global Business
azzimov

Microsoft Azure cloud gives us the high-performance infrastructure

we need to handle major fluctuations in traffic and demand for a
majority of our media websites and we get all of the compute
capacity we need, when we need it, and only pay for what we use.
Richard Roy
Vice President of IT and CTO
Quebecor
For updated compliance information visit the Microsoft Trust Center
22
Azure regions in Europe
Global offerings

Europe
Globally connected cloud services deployed from regional Microsoft datacenters in
Europe
Complies with EU model clauses 2010/87/EU
Microsoft was the first hyperscale cloud service provider to receive Spain's Esquema
Nacional de Seguridad (National Security Framework) certification

United Kingdom
Customer data at rest is kept within the UK, enabling customers to address most local
North Europe data residency requirements**
Complies with EU model clauses 2010/87/EU

United Kingdom West

Open to all public cloud users within the UK
United Kingdom South
Germany Northeast** Azure regions can be selected, including access to WW regions

West Europe Sovereign cloud offerings

Germany Central**

Microsoft Cloud Germany

Built to specifically to address unique German data access requirements
A physically and logically separate instance of Microsoft Azure, Office 365, and Dynamics
CRM Online available to all customers and partners in EU/EFTA
A dedicated network within Germany datacenters, independent from the public
cloud network
A German Data Trustee (provided by T-systems) controls physical and logical access to
customer data
A commitment that all customer data and required supporting systems reside in German
datacenters

For updated compliance information visit the Microsoft Trust Center. For data residency details, see http://azuredatacentermap.azurewebsites.net/.
23
Making the right choice in Europe
Compliance in the Europe

With the increase in the volume and velocity of data that

were looking at, Microsoft Azure IoT Suite has a key part to play in
our ability to reliably aggregate data across our customers fleets.
ISO/IEC
CDS CSA CCM ENSIA IAF Nick Farrant
27001
Senior Enterprise Architect
Data Services
Rolls-Royce

ISO/IEC Shared
MPAA PCI-DSS SOC 3
27018 Assessments

SOC 2 SOC 1

Regional Compliance

EU Model
Spain ENS UK G-cloud FACT
Clauses

For updated compliance information visit the Microsoft Trust Center

24
Azure regions in Asia
Global offerings

Asia
Data replication occurs; between two datacenter regions within Asia
Achieved MTCS T3
Open to all public cloud users
South Korea*
New datacenter announced May 2016, not yet operational
Customer data at rest will be kept within South Korea, with the goal of meeting the requirements of the Korean Cloud Computing
Related Regulation and Standards, such as Cloud Computing Act and Data Protection Standards for Cloud Computing Services
Japan East Will be open to all public cloud users
Korea Central
China West* Japan
Data replication between two local datacenter regions
Japan West
Customer data at rest is kept within Japan, enabling customers to address most local data residency requirements.
China East* Korea South
Microsoft has been accredited by JASA on Cloud Security Mark Gold, while meeting requirements from FISC and My Number Act
Open to all public cloud users
Azure regions can be selected, including access to WW regions
East Asia
Sovereign offerings

Microsoft Cloud China

A dedicated network within China, independent from the public Azure network
Azure in China is operated by 21Vianet, one of the leading IDC service providers in China
Southeast
Asia
Microsoft Azure is certified by the China Electronics Standardization Institute as compliant with GB 18030, the encoding standard
mandated by the Chinese government for the Chinese ideographic character set
Adheres to Multi-Level Protection Scheme, a Chinese state cloud security standard issued by the Ministry of Public
Passed the Trusted Cloud Service certification developed by the Data Center Alliance and tested by the China Academy of Information
and Communications Technology.

For updated compliance information visit the Microsoft Trust Center. For data residency details, see http://azuredatacentermap.azurewebsites.net/.
*South Korea datacenters have been announced but are not yet operational 25
Making the right choice in Asia
Compliance in Asia

The ultimate goal of driving innovation through cloud services is to reduce the
total cost in business operation and maximize IT efficiency to achieve business
agility. I believe that the expansion of the Microsoft Cloud in Korea will create
ISO/IEC ISO/IEC big momentum for many Korean companies to very actively adopt cloud
CDS CSA CCM MPAA
27001 27018 services.
Chan Park
Chief Technology Officer (CTO),
JYP Entertainment

Shared "The core of cloud service is security. Microsoft Azure is perceived as the trusted
PCI-DSS SOC 3 SOC 2 SOC 1
Assessments cloud service as it has numerous certifications from many international
organizations. I hope the Microsoft announcement today provides Korea with an
Regional Compliance opportunity to increase awareness of the need for security in cloud services.

Chun Shik Park

Professor of Information Security of
Seoul Womens University and the
former Chairman,
KIISC (Korea Institute of Information
China China China GB Japan My Security and Cryptology)
TRUCS MLPS 18030 Number FISC
Act
The Korea data center news shows us the clear evidence that the Microsoft
Azure responds actively to market needs. The announcement that Microsofts
investment in data center in Korea is very meaningful in the sense that Microsoft
CS Mark
MTCS has a strong vision in Korea, a clear leader in the global gaming industry.
(Gold)
Taeyoung Kim
CEO of WEBZEN
For updated compliance information visit the Microsoft Trust Center
26
Azure regions in India
Global offerings

Asia
Data replication occurs between two datacenter regions in Asia
Achieved MTCS T3
Open to all public cloud users

India
Data replication occurs between two local datacenter regions
Enables data residency for customers in India, including data replication within India
for business continuity
India billing address is required for use
West India
India datacenter infrastructure and facilities operations have been independently
certified under ISO 27001, SOC 1, SOC 2, SOC 3 as well as PCI DSS 3.0
Central India India billing address is required for use

Azure regions can be selected, including access to WW regions

South India

For updated compliance information visit the Microsoft Trust Center. For data residency details, see http://azuredatacentermap.azurewebsites.net/.
27
Making the right choice in India
Regional Compliance

Data residency has been key concern of industry globally due to security and
compliance reasons. Having option of data residing within india and even
having BCP option, opens completely new possibilities for the enterprises which
ISO/IEC ISO/IEC were reluctant so far. This also helps regulated businesses to use hosted solutions
CDS CSA CCM MPAA
27001 27018 which was not as easy earlier.
Dhiren Savla
Chief Information Officers, VFS Global

The launch of Microsofts Dynamics CRM Online in India is fantastic news! India
Shared is a hub to the operations of global companies like ours. And of course, India is
PCI-DSS SOC 3 SOC 2 SOC 1
Assessments fast emerging as a market for next generation companies. The availability of in-
country storage and processing infrastructure will offer better performance,
redundancy, security, and compliance. This will spur greater adoption of cloud
based services across the enterprise software landscape that is shaping the new
Digital India - enabling businesses to offer differentiated user experiences and
new opportunities for growth at optimal cost.
Deepak Padaki
Senior Vice President Strategy & Chief Risk
Officer, Infosys Limited

Especially for us at Cloud Nine, with clinical and non-clinical information

residing as part of the CRM across landscapes, data residency and replication
and the speed of fetch will greatly improve the user experience and further
enable a drive towards greater engagement.
Mr. Rohit
Managing Director at Cloud Nine Hospitals

For updated compliance information visit the Microsoft Trust Center

28
Azure regions in Australia
Global offerings

Asia
Data replication occurs; between two datacenter regions within Asia
Achieved MTCS T3
Open to all public cloud users

Australia
Customer data at rest is kept within Australia, meeting most local data
residency requirements, including Australian government Certified Cloud Services List
To assist agencies, Microsoft New Zealand has produced a series of documents
showing how its enterprise cloud services address the questions in Cloud
Computing ISPC by linking them to the standards against which Microsoft cloud
services are certified
Australia billing address is required for use

Azure regions can be selected, including access to WW regions

Australia East

Australia Southeast

For updated compliance information visit the Microsoft Trust Center. For data residency details, see http://azuredatacentermap.azurewebsites.net/.
29
Making the right choice in Australia
Compliance in Australia

Australian Government has adopted a cloud-first policy so they can subscribe to

a solution and turn it on and off as they need to help manage costs. For us,
weve got one platform we can manage and control. Thats more efficient, and
ISO/IEC ISO/IEC we can pass those savings and efficiencies on to our customers.
CDS CSA CCM MPAA
27001 27018
Andre Pinkowski
Technical Director and Co-
Founder, Single Cell

Shared
PCI-DSS SOC 3 SOC 2 SOC 1
Assessments

Regional Compliance

NZCC
Irap
Framework

For updated compliance information visit the Microsoft Trust Center

30
Azure regions in South America
Global offerings

Two regional datacenters, with replication to the United States

Open to all public cloud users
Azure regions can be selected, including access to WW regions

Brazil South

For updated compliance information visit the Microsoft Trust Center. For data residency details, see http://azuredatacentermap.azurewebsites.net/.
31
Making the right choice in South America
Compliance in the South America

ISO/IEC ISO/IEC
CDS CSA CCM MPAA
27001 27018

Shared
PCI-DSS SOC 3 SOC 2 SOC 1
Assessments

Regional Compliance

Argentina
PDPA

For updated compliance information visit the Microsoft Trust Center

32