The University of Pittsburgh’s Microsoft Azure environment not only allows you to leverage scalable storage, create file servers in the cloud, deploy web apps, and utilize short-term compute resources, but it also enables you to do all of these things while taking advantage of advanced security features.

Baseline Compliance with NIST 800-171 

The University of Pittsburgh’s Azure environment meets the stringent security requirements set forth in NIST 800-171, a standard security framework that ensures information systems and networks are set up and operated in a secure manner.

NIST 800-171 establishes key security controls that address factors such as:

• Administrative privileges
• Access management
• Authentication
• Logging and monitoring
• Firewalls  

All data stored in the University’s Azure environment is protected by security controls that ensure strong encryption, limit unsuccessful logins, and prohibit password reuse. For example, cryptographic mechanisms protect the confidentiality of remote access sessions, and passwords are stored as one-way hashes constructed from passwords using AES256 or stronger encryption.

Enhanced Security for Sensitive Data

Some data, including data protected by the Health Insurance Portability and Accountability Act (HIPAA), requires security controls that go beyond those established by NIST 800-181.

If you have especially sensitive data, the University’s Azure environment can likely be customized to accommodate your specific needs. Please contact us, and we’ll follow up to discuss a solution.

Automated Patching

Windows Servers deployed in the Azure environment are protected by an automated patching process that ensures critical security updates are installed as soon as they become available. Automated patching frees departmental server administrators from the traditional task of managing security patches, allowing them to focus their time and expertise where it is needed most. Standardizing the patch management process is also essential to enable the University to provide cloud-based virtualization at scale.

If your department’s servers have unique patching needs (for example, if you need to test certain systems before applying the latest security patches), please contact us so that we can discuss what on-premise options might be available.