Microsoft has, for quite some time now, made security and privacy one of their most important corporate commitments. They’ve focused on security in Windows, and across their entire line of cloud services. Azure is no different and the company continues to find ways to ensure that Azure provides strong methods for keeping customer information secure.
One of the most important aspects of security is encryption and this field has received quite a bit of attention from Microsoft. Most recently, they’ve both added and removed various ciphers, as outlined on the Azure blog:
We continue to execute on that commitment by announcing additional enhancements to encryption in transit based security. To date, this has included usage of best-in-class industry standard cryptography, including Perfect Forward Secrecy (PFS), 2048-key lengths, and updates to operating system cipher suite settings.
In addition to these cryptographic changes, the default Transport Layer Security (TLS)/Secure Socket Layer (SSL) cipher suite configuration has been enhanced and includes changes such as removal of SSLv3 support and mitigation of issues such as POODLE.
Today, we are announcing the removal of RC4 from the supported list of negotiable ciphers on our service endpoints in Microsoft Azure. This encryption work builds on the existing protection already extant in many of our products and services, such as Microsoft Office 365, Skype and OneDrive.
In addition, The TLS/SSL cipher suite enhancements are being made available to customers, by default, in the May 2016 Azure Guest OS releases for Cloud Services release. Learn more about Azure Guest OS releases here.
You can find out more about these enhancements by reading their article Updates to Microsoft Azure SSL/TLS Cipher Suites. As always, we’ll work to keep you updated on everything that Microsoft is doing to enhance security and privacy.