Building Up Better Microsoft Cloud Data Security with Stronger Security Methods
Kumar, Pawan (2025)
2025
All rights reserved. This publication is copyrighted. You may download, display and print it for Your own personal use. Commercial use is prohibited.
Julkaisun pysyvä osoite on
https://urn.fi/URN:NBN:fi:amk-2025120331933
https://urn.fi/URN:NBN:fi:amk-2025120331933
Tiivistelmä
These days, more and more organizations are moving their data to the cloud, because it is flexible and easy to scale. But with this shift comes new security worries like keeping confidential information safe and following the rules about data protection. When we talk about “the cloud,” we mean using online services for things like storage and networking, instead of relying on local servers. The transfer of sensitive data to cloud environments raises concerns about data privacy, regulatory compliance, and the risk of unauthorized access.
The introduction of the General Data Protection Regulation (GDPR) has made data security a critical issue for organizations running in the European Union. GDPR violations can result in substantial financial penalties and reputational harm, with requirements such as the 72-hour breach notification rule placing significant responsibility on organizations to respond promptly and transparently to incidents. A breach caused by an individual employee is treated as a breach by the entire company, emphasizing the need for comprehensive security policies and clear accountability at all organizational levels.
Microsoft, as a leading provider of cloud services through its Azure platform, has implemented a range of security features to help organizations protect their data. However, these built-in protections are not automatic guarantees; each organization must actively configure and keep its own security controls to ensure compliance and minimize risk. Advanced methods such as Zero Trust architecture, multi-factor authentication, and AI-driven threat detection are increasingly recommended to address evolving threats in hybrid and multi-cloud environments.
This thesis evaluates current vulnerabilities, reviews best practices, and proposes enhancements for strengthening Microsoft cloud security. The aim is to offer actionable guidance for IT professionals looking to improve their organization’s cloud security posture and meet regulatory requirements.
The introduction of the General Data Protection Regulation (GDPR) has made data security a critical issue for organizations running in the European Union. GDPR violations can result in substantial financial penalties and reputational harm, with requirements such as the 72-hour breach notification rule placing significant responsibility on organizations to respond promptly and transparently to incidents. A breach caused by an individual employee is treated as a breach by the entire company, emphasizing the need for comprehensive security policies and clear accountability at all organizational levels.
Microsoft, as a leading provider of cloud services through its Azure platform, has implemented a range of security features to help organizations protect their data. However, these built-in protections are not automatic guarantees; each organization must actively configure and keep its own security controls to ensure compliance and minimize risk. Advanced methods such as Zero Trust architecture, multi-factor authentication, and AI-driven threat detection are increasingly recommended to address evolving threats in hybrid and multi-cloud environments.
This thesis evaluates current vulnerabilities, reviews best practices, and proposes enhancements for strengthening Microsoft cloud security. The aim is to offer actionable guidance for IT professionals looking to improve their organization’s cloud security posture and meet regulatory requirements.