Deploying Highly Available and Secure Cloud Solutions

As I’ve written previously, three key objectives of information security are to maintain the confidentiality, integrity and availability of an organization’s information. With many organizations adopting cloud services, more and more of the security professionals I have been talking to lately have been interested in topics related to reliability and availability.

Reliability is ultimately about customer satisfaction, which means that managing reliability is a more nuanced challenge than simply measuring uptime. For example, customer satisfaction will be low for a service that never goes down, but that is really slow or difficult to use.
At a high level, each cloud session consists of a cloud consumer using a computing device to connect to a cloud-based service that is hosted by an internal or external cloud provider. When planning for a highly available cloud service, it’s important to consider the expectations and responsibilities of each of these parties. In planning, organizations need to acknowledge the real-world limitations of technology, and recognize that failures can and will occur. They can then use good design to isolate and repair service failures quickly to avoid or minimize impact of the service’s availability to users.

Today Microsoft has released a new whitepaper titled, “Deploying highly available and secure cloud solutions”. The paper showcases examples for deploying robust cloud solutions to maintain highly available and secure client connections and uses real-world examples to discuss scalability issues.

The paper discusses some key principles cloud providers should consider when developing and deploying cloud services including:


  • Using a service-oriented architecture to ensure the implementation of each component is independent of every other component.

  • Implementing separation of function to ensure that each component will implement only one, or a small set of closely related functions, with no overlap and loose coupling to other components.

  • Designing for failure to ensure that when things go wrong, the issue is isolated and the impact to customers is avoided or minimized.

  • Automating testing and measurement to ensure early detection of issues and that the most useful data is available to teams so they can understand problems, if and when they occur.

If you are designing or operating a cloud service, or simply want to stay informed about important underlying concepts of cloud computing,, then I encourage you to download this new whitepaper to read more about successful techniques for deploying highly available and secure cloud services.

Tim Rains
Trustworthy Computing





About the Author
Tim Rains

Chief Security Advisor, Microsoft Worldwide Cybersecurity & Data Protection

Tim Rains is Chief Security Advisor of Microsoft’s Worldwide Cybersecurity & Data Protection group where he helps Microsoft’s enterprise customers with cybersecurity strategy and planning. Formerly, Tim was Director Cybersecurity & Cloud Strategy in Trustworthy Computing at Microsoft, where he Read more »