Microsoft officials previously said that they will be operating in the second half of 2016 two new German datacenters, located in Magdeburg and Frankfurt. These datacenters, which will offer users Azure, Office 365 and Dynamics CRM Online, will offer users the option to have their data-access controlled by a trusted third party, not Microsoft. Officials said that access to customer data stored in these new datacenters would be under the control of T-Systems, a Deutsche Telekom subsidiary, that would act as a data trustee.
All access rights to data stored in the coming Microsoft German datacenters will be handled by a role based access model (RBAC), Wigand explained. These roles are based on functions, such as "Reader," "Owner," etc., and/or on realms, such as server, mailboxes, resources groups, etc. Users will be able to assign a user the administrator role for a particular resource group, and the rights will only affect resources inside the group, not a whole subscription or other resources.
"Microsoft has - in this new model - no rights at all to access customer data. Only for special purpose like a support call from a customer a temporary access will be granted by the Data Trustee to the Microsoft engineer, and only for the specified area. After that time (using a technology similar to what you might know as JIT) all access is revoked automatically. So to repeat: Access is granted to the Microsoft engineer only by the Data Trustee. Microsoft has no way to grant that access to itself. And of course there is a logging of this process to an area where Microsoft has no access, too. In addition the Data Trustee is escorting the session and watching the engineer at work."
For any cases where Microsoft could potentially come in contact with customer data, there needs to be a reason related to the operation of the services, a well-defined area of access and a well-defined time period before the trustee will grant access, he said. So while Microsoft can have access to customer data in particular cases, it's the German Data Trustee that will make the decision as to whether access is granted. Microsoft can't access customer data stored in those datacenters without the German Data Trustee or customer's approval.
Data will be stored only in the German datacenters (Germany Central and Germany Northeast). Communication between those two centers is handled by a dedicated network line leased from a German provider in an attempt to ensure no data is accidentally routed outside of Germany. There's no additional replication or backup to other regions outside Germany, Wigand said.
"Only a small kind of index table is replicated through all regions to make sure that the German regions are not a standalone solution but still part of the global Microsoft Azure cloud platform," Wigand said.
Additionally, all SSL certificates issued in the Microsoft cloud in Germany will be handled by an external Certification Authority, he added.
Will this new plan be enough to convince customers that Microsoft's cloud is trustworthy -- or at least more trustworthy than its competitors'? I guess we'll find out more next year once the new regions are up and running....