I suggest you ...

← Windows Azure Feature Voting

Concentrate on Security...this is first and foremost...

With the shown lack of security and adequate data protection / backup through the sidekick issue, security should be the focus of Microsoft with Azure. It can't be full proof I know, I am nervous about cloud computing in general...

49 votes
Vote
Sign in
Check!
(thinking…)
Reset
or sign in with
  • facebook
  • google
    Password icon
    Forgot password?
    Create a password
    I agree to the terms of service
    Signed in as (Sign out)
    Close
    Close
    You have left! (?) (thinking…)
    anonymousanonymous shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

    4 comments

    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      Forgot password?
      Create a password
      I agree to the terms of service
      Signed in as (Sign out)
      Close
      Close
      Submitting...
      • Thomas (Mentum)Thomas (Mentum) commented  ·   ·  Flag as inappropriate

        Erik. it's not that I don't agree. It's important to make security around destructive operations much safer. And it's joke that MS does not address this issue.

        But do you know of "Linked resources" in the new portal? Eg. we have a Web site which uses Azure Storage. We have added the storage as a linked resource to the web site, so now we can't delete the storage unless we remove this "link" *(or delete the web site).

        Also it serves as a kind of documentation on how storage and services are depended on each other.

        But it does not guard you agains hackers.

      • Eric SmallEric Small commented  ·   ·  Flag as inappropriate

        There should be optional or opt-in two factor authentication on destructive operations. Deleting an entire storage account with all the contents is only a couple clicks away if you have a Windows Live login with administrative access to the Azure account.

        Another option would be handle container leases in a different manner. I think they should make that container and the storage account un-deleteable until the lease has been released. At least then I could get an infinite lease on all my containers and make the storage account somewhat safer from accidental deletion. I'm not certain if this solution would not help with malicious deletion since there is a break operation for leases.

      • Spiir udviklingsteamSpiir udviklingsteam commented  ·   ·  Flag as inappropriate

        I don't like that my Windows Live Id is a single point of access to Azure.

        I'ts a simple Username and password. And I want a policy that ensures that I'm forced to enter username and password every time I login to the Portal. Right now it's cached in my browser.

        Also I would love to be able to enforce a password change every second week.

        And I would love that I could set a IP restriction on the portal.

        AND IP RESTRICTION ON THE AZURE STORAGE. I'ts a no brainer.

        And I would love a readonly access key to Azure Storage.

      Windows Azure Feature Voting

      Feedback and Knowledge Base

      (thinking…)