Microsoft unveils a new cloud security benchmark, casts shade at AWS and GCP

Microsoft head quarters in France
(Image credit: HJBC / Shutterstock)

Microsoft has generally released its multi-cloud security benchmark (MCSB) for enterprise, but we can’t decide whether it’s as much an advertisement for its Azure cloud storage or a boast that the security of competing services just isn’t good enough.

Per The Register, the confusion comes from the fact that, while Microsoft is still providing advice on how to secure enterprise instances of Azure with MCSB, it’s now also doing the same for AWS, and will do the same for Google Cloud later in 2023.

That in itself could be considered reasonable, and even well-intentioned - except for the fact that the new MCSB v1 also offers automated monitoring features (172 separate checks, if you’re counting) for AWS at this time.

Microsoft and multicloud

The Register reported Jim Cheng, a senior software engineer at Microsoft, as saying that, because multicloud configurations are on the rise, it’s important for the tech giant to be “looking outward”.

"[Aggregating security management],” he claimed, “often requires security teams to repeat the same implementation, monitoring, and assessments across different cloud environments and often for different compliance standards. This creates unnecessary overhead, cost, and effort."

From this, it’s clear that Microsoft is pitching the MCSB as a gesture of goodwill, but it’s worth noting that it’s keen to bake it into Windows 11 as a value offering. The MCSB is enabled and governed in Microsoft Defender for Cloud, which the company are positioning as a centralized security dashboard.

That’s important, given that, once Google Cloud monitoring comes to the MCSB, organizations will be able to monitor three major cloud providers (comprising 66% of the market) all from one Microsoft-exclusive application.

Luke Hughes
Staff Writer

 Luke Hughes holds the role of Staff Writer at TechRadar Pro, producing news, features and deals content across topics ranging from computing to cloud services, cybersecurity, data privacy and business software.