Microsoft Matches Amazon With Cloud Crypto Key Storage - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Cloud // Infrastructure as a Service
09:45 AM
Connect Directly

Microsoft Matches Amazon With Cloud Crypto Key Storage

Microsoft's Azure cloud adds encryption key storage service, Docker Linux containers, and other features to better compete with Amazon.

6 IT Career Resolutions
6 IT Career Resolutions
(Click image for larger view and slideshow.)

Microsoft announced it's offering secure storage of cryptographic keys in its Azure cloud, relieving enterprise IT of the burden of storing and protecting keys on premises.

In doing so, it's following in the footsteps of Amazon Web Services, which announced an encryption key management service Nov. 12 at its Re:Invent conference in Las Vegas.

Microsoft's Azure Key Vault is a hardware security module (HSM) in the cloud. An HSM is a hardware appliance, either a device attached to a computer or a plug-in card. The device is sealed against tampering and offers no software interface through which it may be modified. The HSM can issue encryption keys, centrally manage keys, and execute cryptographic processing. Microsoft's HSMs in the cloud enable developers to develop and test across key types, either hardware-protected or software-protected, wrote Corey Sanders, director of Azure program management.

[Learn more about Amazon's entry into cloud-based key management. See Amazon Focuses On New Services, Not Price.]

Azure manages HSMs as a service, meaning "Key Vault can be configured in minutes, without the need to deploy, wait for, or manage an HSM ... The service scales to meet your needs," Sanders wrote in a Microsoft blog Thursday.

In addition to adding key management, Microsoft is offering pre-loaded Docker images in Ubuntu-based virtual machines in its Azure Marketplace. The offering makes it simpler to containerize an existing application or develop a new one for use as a containerized system. Linux containers allow multiple applications to share a single host, each getting its operating system function from the host's kernel.

Azure customers were already able to run Linux containers, provided they installed an Azure Docker extension to a running Linux virtual machine, Sanders said in his blog. But it is now much easier to activate a container in a virtual machine by going through the Azure Management portal. The customer may assign his secure shell protocol and other credentials to the VM, and the Linux container will be activated for him. "This is just the first of many additional integrations of the Docker ecosystem into Microsoft Azure, directly through the Azure Management Portal," wrote Sanders.

Microsoft is eager to keep developers in its fold. Developers like Docker, which explains Microsoft's newfound enthusiasm for Linux and Linux containers. In addition, Microsoft is working with Docker to create Windows containers that can be formatted using the familiar Docker system. Microsoft, under CEO Satya Nadella, is recognizing that Linux and open source code are a permanent feature of the landscape, and the Microsoft cloud will have better prospects if it works with them rather than against them.

In another move, Microsoft launched a new instance type, the G series, with up to 32 virtual CPUs, 448 GB of memory, and 6.59 TB of solid-state drive space. The virtual CPUs of the G series instances are powered by Intel Xeon E5 version 3 processors.

"G-series sizes provide the most memory, the highest processing power and the largest amount of local SSD of any virtual machine size currently available in the public cloud," wrote Sanders. G series instances may have up to 64 attached data disks, so enabling the attachment of up to 64 TB of disk drive storage.

No comparison can be exact without a clear definition of what constitutes a virtual CPU for each vendor. But Amazon offers an 8X Large C series that consists of 32 virtual CPUs, 60 GB of memory, and 640 GB of solid-state disk. It also offers a high-volume I/O instance, the I2, an 8X Large with 32 virtual CPUs, 244 GB of memory, and 6.4 TB of solid-state storage.

By these measures, Microsoft has a slender claim to be offering "the highest processing power and largest amount of local SSD of any virtual machine size currently available in the public cloud." Its cloud G series hosts are running version 3 Intel E5 Xeons; Amazon still lists version 2 E5 Xeons for its C series and I series, although it is in the process of moving to a custom E5 v3 Xeon chip.  

Attend Interop Las Vegas, the leading independent technology conference and expo series designed to inspire, inform, and connect the world's IT community. In 2015, look for all new programs, networking opportunities, and classes that will help you set your organization's IT action plan. It happens April 27 to May 1. Register with Discount Code MPOIWK for $200 off Total Access & Conference Passes.

Charles Babcock is an editor-at-large for InformationWeek and author of Management Strategies for the Cloud Revolution, a McGraw-Hill book. He is the former editor-in-chief of Digital News, former software editor of Computerworld and former technology editor of Interactive ... View Full Bio

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
Threaded  |  Newest First  |  Oldest First
User Rank: Ninja
1/9/2015 | 2:51:51 PM
Good to see Microsoft accepting the open source bandwagon.

There's no real point in trying to fight it; open source tech is here to stay and it is not going to diminsh. Developers and technologists like to see open and distributed systems, which we are going to see a lot more of in IT going forward. 
Charlie Babcock
Charlie Babcock,
User Rank: Author
1/9/2015 | 8:02:55 PM
Microsoft spots a band wagon, finally
Yes, it's good to see Microsoft accepting that open source is here to stay. But it's 2015, afterall. Someday I'd like someone to explain to me why Steve Ballmer couldn't see it 10 years ago. It will take Microsoft 50 years to live down his legacy of virulent opposition.
Susan Fourtané
Susan Fourtané,
User Rank: Author
1/12/2015 | 12:44:08 AM
Re: Microsoft spots a band wagon, finally

"Someday I'd like someone to explain to me why Steve Ballmer couldn't see it 10 years ago. It will take Microsoft 50 years to live down his legacy of virulent opposition."

Steve Ballmer was not what we could call a great and brilliant CEO, was he? 

Encrypted keys in the cloud is the best choice for offering security. 

Li Tan
Li Tan,
User Rank: Ninja
1/12/2015 | 10:46:36 AM
Re: Microsoft spots a band wagon, finally
Exactly - this should be something in place from day one and MS finally realized it. Without proper security treatment in place, the cloud service/storage cannot go for long in the market.
User Rank: Ninja
1/13/2015 | 9:11:56 PM
Re: Microsoft spots a band wagon, finally
@Charlie B,

He was following in Bill Gates' closed-door policy footsteps. I bet they both wish they'd created the closed ecosystem successfully the way Apple did.
Charlie Babcock
Charlie Babcock,
User Rank: Author
1/13/2015 | 9:48:50 PM
Where does Microsoft fit today?
Microsoft was of two minds on closed systems. Early on, it enjoyed overwhelming success versus Apple because of the tools and operating system knowledge that it shared with its developer ecosystem. It created a much broader following than Apple did in the PC era due to the richness of applications produced by that ecosystem. The Office and Windows monopolies remain intact and largely unthreatened by direct competitors to this day. Both provide a revenue stream that allows Microsoft to continue to compete on many fronts. Once launched, the ecosystem couldn't suddenly be closed down. At the same time, Microsoft couldn't bring itself to function in a more open manner, making its code open source as well as throwing the doors open to generally available, powerful tools with access to applications. It's still trying to find the proprietary space where it fits in between an Apple-like closed system and Linux/open source. Amazon, by the way, uses lots of open source code but is not itself an open system; rather it's a strongly proprietary one.
The State of Chatbots: Pandemic Edition
Jessica Davis, Senior Editor, Enterprise Apps,  9/10/2020
Deloitte on Cloud, the Edge, and Enterprise Expectations
Joao-Pierre S. Ruth, Senior Writer,  9/14/2020
Data Science: How the Pandemic Has Affected 10 Popular Jobs
Cynthia Harvey, Freelance Journalist, InformationWeek,  9/9/2020
White Papers
Register for InformationWeek Newsletters
Current Issue
IT Automation Transforms Network Management
In this special report we will examine the layers of automation and orchestration in IT operations, and how they can provide high availability and greater scale for modern applications and business demands.
Flash Poll