Security

Decades of experience

In today’s complex and regulated environment, businesses need to focus on building more secure solutions that deliver value to their customers, partners, and shareholders—both in the cloud and on-premises. Microsoft has decades-long experience building enterprise software and running some of the largest online services in the world. We use this experience to implement and continuously improve security-aware software development, operational management, and threat-mitigation practices that are essential to the strong protection of services and data.

Assume breach

The guiding principle of our security strategy is to “assume breach.” The Microsoft global incident response team works around the clock to mitigate the effects of any attack against our cloud services. And security is built into Microsoft business products and cloud services from the ground up, starting with the Security Development Lifecycle, a mandatory development process that embeds security requirements into every phase of the development process.

Commitment to compliance

Microsoft also complies with both international and industry-specific compliance standards and participates in rigorous third-party audits that verify our security controls.

Learn more

Find out more about security by reading some of our in-depth security topics or by looking up product-specific security features.

Featured

5 Questions Executives Should Be Asking Their Security Teams

5 Questions Executives Should Be Asking Their Security Teams

Nothing's worse for a brand than a cyberattack. Learn how to minimize the risk.

Contact Trust Center

Need help evaluating our products? Can’t find the information you need?

Looking for general technical support?

Contact Microsoft support