%3CLINGO-SUB%20id%3D%22lingo-sub-1503444%22%20slang%3D%22en-US%22%3EEnhanced%20Security%20and%20Compliance%20for%20Azure%20Database%20for%20MySQL%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1503444%22%20slang%3D%22en-US%22%3E%3CP%3ESecurity%20commitments%20and%20improvements%20on%20Azure%20Database%20for%20MySQL%20are%20attracting%20a%20growing%20number%20of%20customers%20to%20the%20platform.%20Our%20customers%20rely%20on%20national%20and%20industry%20standard%20security%20controls%20to%20develop%20and%20improve%20their%20cybersecurity%20defenses%2C%20and%20they%20expect%20the%20same%20level%20of%20security%20due%20diligence%20when%20they%20build%20their%20open%20source%20workloads%20in%20the%20cloud.%20These%20security%20controls%20also%20ensure%20that%20they%20meet%20the%20security%20and%20compliance%20certification%20requirements%20applicable%20to%20their%20industry%2C%20country%2C%20or%20region.%20This%20blog%20will%20highlight%20some%20of%20Azure%20Database%20for%20MySQL%20most%20notable%20security%20compliance%20offerings%20and%20new%20security%20features%20on%20the%20platform%20that%20we%20will%20be%20blogging%20about%20in%20the%20coming%20weeks.%20%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EAzure%20Database%20for%20MySQL%26nbsp%3B%20have%20achieved%20a%20comprehensive%20set%20of%20national%2C%20regional%2C%20and%20industry-specific%20compliance%20certifications%20%26nbsp%3Bin%20our%20public%20cloud%20to%20help%20customers%20comply%20with%20requirements%20governing%20the%20collection%20and%20use%20of%20their%20data%26nbsp%3B.%20To%20date%2C%20Azure%20Database%20for%20MySQL%20have%20amassed%20over%2050%20%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fmicrosoft-365%2Fcompliance%2Foffering-home%3Fview%3Do365-worldwide%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ecompliance%20offerings%3C%2FA%3E%2C%20including%20the%20more%20notable%20ones%20such%20as%20HIPAA%2C%20HITRUST%2C%20PCI-DSS%2C%20ISO%2027001%2C%20ISO%2FIEC%2027018%2C%20FedRAMP%20High%2C%20etc.%20Azure%20Database%20for%20MySQL%20are%20continuing%20to%20pursue%20even%20more%20compliance%20certifications%2C%20which%20we%E2%80%99ll%20announce%20in%20future%20blogs%20and%20as%20part%20of%20Azure%E2%80%99s%20%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fmicrosoft-365%2Fcompliance%2Foffering-home%3Fview%3Do365-worldwide%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ecompliance%20offerings%3C%2FA%3E.%3C%2FP%3E%0A%3CP%20class%3D%22lia-align-left%22%3E%26nbsp%3B%3C%2FP%3E%0A%3CTABLE%20class%3D%22%20lia-align-center%22%3E%0A%3CTBODY%3E%0A%3CTR%3E%0A%3CTD%20width%3D%22246%22%3E%3CP%20class%3D%22lia-align-left%22%3E%3CSTRONG%3ECertificate%3C%2FSTRONG%3E%3C%2FP%3E%0A%3C%2FTD%3E%0A%3CTD%20width%3D%22378%22%3E%3CP%20class%3D%22lia-align-left%22%3E%3CSTRONG%3EApplicable%20to%E2%80%A6%3C%2FSTRONG%3E%3C%2FP%3E%0A%3C%2FTD%3E%0A%3C%2FTR%3E%0A%3CTR%3E%0A%3CTD%20width%3D%22246%22%20class%3D%22lia-align-left%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fmicrosoft-365%2Fcompliance%2Foffering-hipaa-hitech%3Fview%3Do365-worldwide%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noopener%20noreferrer%20noopener%20noreferrer%22%3EHIPAA%20and%20HITECH%20Act%20(U.S.)%3C%2FA%3E%2C%20%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fmicrosoft-365%2Fcompliance%2Foffering-hitrust%3Fview%3Do365-worldwide%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noopener%20noreferrer%20noopener%20noreferrer%22%3EHITRUST%3C%2FA%3E%3C%2FP%3E%0A%3C%2FTD%3E%0A%3CTD%20width%3D%22378%22%20class%3D%22lia-align-left%22%3E%3CP%3EHealthcare%20Providers%2C%20Healthcare%20Clearinghouses%2C%20and%20Health%20Plans%3C%2FP%3E%0A%3C%2FTD%3E%0A%3C%2FTR%3E%0A%3CTR%3E%0A%3CTD%20width%3D%22246%22%20class%3D%22lia-align-left%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fmicrosoft-365%2Fcompliance%2Foffering-pci-dss%3Fview%3Do365-worldwide%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noopener%20noreferrer%20noopener%20noreferrer%22%3EPCI-DSS%3C%2FA%3E%3C%2FP%3E%0A%3C%2FTD%3E%0A%3CTD%20width%3D%22378%22%20class%3D%22lia-align-left%22%3E%3CP%3ECommercial%20payment%20applications%3C%2FP%3E%0A%3C%2FTD%3E%0A%3C%2FTR%3E%0A%3CTR%3E%0A%3CTD%20width%3D%22246%22%20class%3D%22lia-align-left%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fmicrosoft-365%2Fcompliance%2Foffering-iso-27001%3Fview%3Do365-worldwide%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noopener%20noreferrer%20noopener%20noreferrer%22%3EISO%2027001%3C%2FA%3E%3C%2FP%3E%0A%3C%2FTD%3E%0A%3CTD%20width%3D%22378%22%20class%3D%22lia-align-left%22%3E%3CP%3EInformation%20Security%20Management%20Systems%3C%2FP%3E%0A%3C%2FTD%3E%0A%3C%2FTR%3E%0A%3CTR%3E%0A%3CTD%20width%3D%22246%22%20class%3D%22lia-align-left%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fmicrosoft-365%2Fcompliance%2Foffering-iso-27018%3Fview%3Do365-worldwide%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noopener%20noreferrer%20noopener%20noreferrer%22%3EISO%2FIEC%2027018%3C%2FA%3E%3C%2FP%3E%0A%3C%2FTD%3E%0A%3CTD%20width%3D%22378%22%20class%3D%22lia-align-left%22%3E%3CP%3EPublic%20and%20private%20companies%2C%20government%20entities%20and%20not-for-profits%20that%20provides%20PII%20processing%20services%20via%20the%20cloud%3C%2FP%3E%0A%3C%2FTD%3E%0A%3C%2FTR%3E%0A%3CTR%3E%0A%3CTD%20width%3D%22246%22%20class%3D%22lia-align-left%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fmicrosoft-365%2Fcompliance%2Foffering-nist-csf%3Fview%3Do365-worldwide%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noopener%20noreferrer%20noopener%20noreferrer%22%3ENIST%20Cybersecurity%20Framework%3C%2FA%3E%3C%2FP%3E%0A%3C%2FTD%3E%0A%3CTD%20width%3D%22378%22%20class%3D%22lia-align-left%22%3E%3CP%3EPublic%20and%20private%20companies%2C%20government%20entities%20and%20not-for-profits%3C%2FP%3E%0A%3C%2FTD%3E%0A%3C%2FTR%3E%0A%3CTR%3E%0A%3CTD%20width%3D%22246%22%20class%3D%22lia-align-left%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fmicrosoft-365%2Fcompliance%2Foffering-fedramp%3Fview%3Do365-worldwide%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noopener%20noreferrer%20noopener%20noreferrer%22%3EFedRAMP%20High%3C%2FA%3E%3C%2FP%3E%0A%3C%2FTD%3E%0A%3CTD%20width%3D%22378%22%20class%3D%22lia-align-left%22%3E%3CP%3EU.S.%20Federal%20Agencies%3C%2FP%3E%0A%3C%2FTD%3E%0A%3C%2FTR%3E%0A%3CTR%3E%0A%3CTD%20width%3D%22246%22%20class%3D%22lia-align-left%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fmicrosoft-365%2Fcompliance%2Foffering-soc%3Fview%3Do365-worldwide%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noopener%20noreferrer%20noopener%20noreferrer%22%3ESOC%201%2C%202%20and%203%3C%2FA%3E%3C%2FP%3E%0A%3C%2FTD%3E%0A%3CTD%20width%3D%22378%22%20class%3D%22lia-align-left%22%3E%3CP%3ECloud%20service%20providers%3B%20offers%20assurance%20to%20customers%20and%20stakeholders%20that%20effective%20internal%20controls%20that%20affect%20financial%20reports%20and%20operational%20control%20systems%20are%20in%20place%3C%2FP%3E%0A%3C%2FTD%3E%0A%3C%2FTR%3E%0A%3CTR%3E%0A%3CTD%20width%3D%22246%22%20class%3D%22lia-align-left%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fmicrosoft-365%2Fcompliance%2Foffering-csa-star-certification%3Fview%3Do365-worldwide%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noopener%20noreferrer%20noopener%20noreferrer%22%3ECloud%20Security%20Allowance%20STAR%3C%2FA%3E%3C%2FP%3E%0A%3C%2FTD%3E%0A%3CTD%20width%3D%22378%22%20class%3D%22lia-align-left%22%3E%3CP%3ECloud%20service%20providers%3B%20demonstrates%20ISO%2FIEC%2027001%20and%20Cloud%20Controls%20Matrix%20compliance%3C%2FP%3E%0A%3C%2FTD%3E%0A%3C%2FTR%3E%0A%3CTR%3E%0A%3CTD%20width%3D%22246%22%20class%3D%22lia-align-left%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fmicrosoft-365%2Fcompliance%2Foffering-eu-model-clauses%3Fview%3Do365-worldwide%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noopener%20noreferrer%20noopener%20noreferrer%22%3EEU%20Model%20Clauses%3C%2FA%3E%3C%2FP%3E%0A%3C%2FTD%3E%0A%3CTD%20width%3D%22378%22%20class%3D%22lia-align-left%22%3E%3CP%3EAll%20EU%20countries%20Norway%2C%20Iceland%2C%20and%20Liechtenstein%3B%20provides%20assurances%20for%20personal%20data%20leaving%20the%20European%20Economic%20Area%3C%2FP%3E%0A%3C%2FTD%3E%0A%3C%2FTR%3E%0A%3CTR%3E%0A%3CTD%20width%3D%22246%22%20class%3D%22lia-align-left%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fmicrosoft-365%2Fcompliance%2Foffering-g-cloud-uk%3Fview%3Do365-worldwide%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noopener%20noreferrer%20noopener%20noreferrer%22%3EUK%20G-Cloud%3C%2FA%3E%3C%2FP%3E%0A%3C%2FTD%3E%0A%3CTD%20width%3D%22378%22%20class%3D%22lia-align-left%22%3E%3CP%3EUK%20Government%3C%2FP%3E%0A%3C%2FTD%3E%0A%3C%2FTR%3E%0A%3C%2FTBODY%3E%0A%3C%2FTABLE%3E%0A%3CP%20class%3D%22lia-align-center%22%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%20class%3D%22lia-align-left%22%3EAzure%E2%80%99s%20continued%20commitments%20have%20also%20led%20to%20the%20development%20and%20implementation%20of%20several%20new%20security%20features%20on%20Azure%20Database%20for%20MySQL%20that%20we%E2%80%99ll%20be%20blogging%20about%20in%20the%20next%20couple%20of%20weeks.%20These%20new%20features%20include%20high-demand%20capabilities%20such%20as%20Data%20Security%20at%20Rest%20(bring%20your%20own%20key%20%5BBYOK%5D%20and%20double%20encryption)%2C%20Data%20security%20in%20Motion%20(TLS%20and%20SSL)%2C%20Network%20Security%20(firewall%2C%20service%20endpoint%2C%20private%20link)%2C%20and%20Access%20Methods%20(native%20authentication%20and%20AAD).%3C%2FP%3E%0A%3CP%20class%3D%22lia-align-center%22%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%20class%3D%22lia-align-left%22%3EMicrosoft%20also%20offers%20the%20%3CA%20href%3D%22https%3A%2F%2Fazure.microsoft.com%2Fen-us%2Foverview%2Fazure-ip-advantage%2F%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noopener%20noreferrer%20noopener%20noreferrer%22%3EAzure%20IP%20Advantage%3C%2FA%3E%20for%20services%20running%20open%20source%20technologies.%20The%20Azure%20IP%20Advantage%20provides%20best-in-industry%20intellectual%20property%20protection%2C%20uncapped%20indemnification%2C%20the%20ability%20to%20deter%20and%20defend%20lawsuits%20with%20patent%20pick%20and%20broad%20protection%20with%20a%20springing%20license.%3C%2FP%3E%0A%3CP%20class%3D%22lia-align-center%22%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%20class%3D%22lia-align-left%22%3EThese%20new%20features%20and%20others%20in%20development%20highlight%20Azure%E2%80%99s%20commitment%20to%20be%20the%20most%20secure%20cloud%20in%20the%20world%20and%20collectively%20strengthen%20the%20security%20portfolio%20of%20our%20open%20source%20services.%3C%2FP%3E%0A%3CP%20class%3D%22lia-align-left%22%3EIf%20you%20have%20questions%2C%20please%20feel%20free%20to%20reach%20out%20to%20the%20%3CA%20href%3D%22mailto%3AAskAzureDBforMySQL%40service.microsoft.com%22%20target%3D%22_blank%22%20rel%3D%22noopener%20nofollow%20noopener%20noreferrer%20noopener%20noreferrer%22%3EAskAzureDBforMySQL%40service.microsoft.com%3C%2FA%3E%20alias.%3C%2FP%3E%0A%3CP%20class%3D%22lia-align-left%22%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%20class%3D%22lia-align-left%22%3EThanks!%3C%2FP%3E%0A%3CP%20class%3D%22lia-align-left%22%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%20class%3D%22lia-align-left%22%3EZubah%20Koweh%3C%2FP%3E%0A%3CP%20class%3D%22lia-align-left%22%3ESenior%20Program%20Manager%20-%20Microsoft%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-TEASER%20id%3D%22lingo-teaser-1503444%22%20slang%3D%22en-US%22%3E%3CP%3EThis%20blog%20highlights%20Azure%20Database%20for%20MySQL%20most%20notable%20security%20compliance%20offerings%20and%20new%20security%20features%20on%20the%20platform%20we%20will%20be%20blogging%20about%20in%20the%20coming%20weeks.%20%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-TEASER%3E
Microsoft

Security commitments and improvements on Azure Database for MySQL are attracting a growing number of customers to the platform. Our customers rely on national and industry standard security controls to develop and improve their cybersecurity defenses, and they expect the same level of security due diligence when they build their open source workloads in the cloud. These security controls also ensure that they meet the security and compliance certification requirements applicable to their industry, country, or region. This blog will highlight some of Azure Database for MySQL most notable security compliance offerings and new security features on the platform that we will be blogging about in the coming weeks.  

 

Azure Database for MySQL  have achieved a comprehensive set of national, regional, and industry-specific compliance certifications  in our public cloud to help customers comply with requirements governing the collection and use of their data . To date, Azure Database for MySQL have amassed over 50 compliance offerings, including the more notable ones such as HIPAA, HITRUST, PCI-DSS, ISO 27001, ISO/IEC 27018, FedRAMP High, etc. Azure Database for MySQL are continuing to pursue even more compliance certifications, which we’ll announce in future blogs and as part of Azure’s compliance offerings.

 

Certificate

Applicable to…

HIPAA and HITECH Act (U.S.), HITRUST

Healthcare Providers, Healthcare Clearinghouses, and Health Plans

PCI-DSS

Commercial payment applications

ISO 27001

Information Security Management Systems

ISO/IEC 27018

Public and private companies, government entities and not-for-profits that provides PII processing services via the cloud

NIST Cybersecurity Framework

Public and private companies, government entities and not-for-profits

FedRAMP High

U.S. Federal Agencies

SOC 1, 2 and 3

Cloud service providers; offers assurance to customers and stakeholders that effective internal controls that affect financial reports and operational control systems are in place

Cloud Security Allowance STAR

Cloud service providers; demonstrates ISO/IEC 27001 and Cloud Controls Matrix compliance

EU Model Clauses

All EU countries Norway, Iceland, and Liechtenstein; provides assurances for personal data leaving the European Economic Area

UK G-Cloud

UK Government

 

Azure’s continued commitments have also led to the development and implementation of several new security features on Azure Database for MySQL that we’ll be blogging about in the next couple of weeks. These new features include high-demand capabilities such as Data Security at Rest (bring your own key [BYOK] and double encryption), Data security in Motion (TLS and SSL), Network Security (firewall, service endpoint, private link), and Access Methods (native authentication and AAD).

 

Microsoft also offers the Azure IP Advantage for services running open source technologies. The Azure IP Advantage provides best-in-industry intellectual property protection, uncapped indemnification, the ability to deter and defend lawsuits with patent pick and broad protection with a springing license.

 

These new features and others in development highlight Azure’s commitment to be the most secure cloud in the world and collectively strengthen the security portfolio of our open source services.

If you have questions, please feel free to reach out to the AskAzureDBforMySQL@service.microsoft.com alias.

 

Thanks!

 

Zubah Koweh

Senior Program Manager - Microsoft