Skip to main content

Help us improve the Digital Marketplace - send your feedback

Microsoft Limited

Azure Programmable Connectivity

Network API management across multiple operator networks with unified interface

Features

  • Ensure code consistency: Reliable experience despite evolving networks.
  • Worry-free evolution: Code remains consistent, networks change.
  • Simplify network access: Unified interface, global operator networks.
  • Abstract complexities: Standard interface simplifies network API management.
  • Build network-aware applications: Consistent experience across evolving networks.
  • Unified standard interface: Simplifies access across global networks.
  • Network API management: Simplified with a unified interface.
  • Consistent application experience: Regardless of network changes.
  • Global network access: Simplified through a unified interface.
  • Abstract network complexities: Provide simple, consistent network access.

Benefits

  • SIM Swap: Prevent fraud by checking last SIM card time.
  • Number Verify: Authenticate devices, eliminating one-time password friction.
  • Device Location: Verify location without GPS availability.
  • Quality on Demand: Stable connection, network congestion, critical application assurance.
  • Improve app performance: Tailor network-aware applications for optimal functionality.
  • Fraud prevention: Monitor SIM card changes regularly.
  • Seamless authentication: Verify mobile devices efficiently.
  • Location verification: Accurate even without GPS.
  • Connection reliability: Guaranteed during critical times.
  • Network-aware optimization: Enhance application performance.

Pricing

£11.46 a unit

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at msukservices@microsoft.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

2 4 3 1 7 2 6 9 2 8 2 2 6 2 1

Contact

Microsoft Limited Microsoft G Cloud Team
Telephone: 01189094502
Email: msukservices@microsoft.com

Service scope

Service constraints
Azure subscription limits and quotas - Depending upon the Azure service, the limits vary. The limits can be found at:
https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/azure-subscription-service-limits
System requirements
Service selection dictates system requirements; consult online pages for details.

User support

Email or online ticketing support
Email or online ticketing
Support response times
The Initial Response Time varies with both the support plan and the Business Impact of the request (also known as Severity). For a breakdown of initial response times by several level and business impact, please visit https://azure.microsoft.com/en-us/support/plans/response/
Weekend support availability varies depending on your Azure support plan. For more information, please visit https://azure.microsoft.com/en-us/support/plans/
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
WCAG 2.1 AA or EN 301 549
Phone support
Yes
Phone support availability
24 hours, 7 days a week
Web chat support
Web chat
Web chat support availability
24 hours, 7 days a week
Web chat support accessibility standard
WCAG 2.1 AA or EN 301 549
Web chat accessibility testing
Microsoft commitment to accessability can be found here - https://www.microsoft.com/en-us/trust-center/compliance/accessibility#accessibility

Accessibility Conformance Reports can be found here including details of support and administration accessability details - https://www.microsoft.com/en-us/accessibility/conformance-reports

Microsoft is committed to developing technology that empowers everyone, including people with disabilities. Microsoft has a Disability Answer Desk where customers with disabilities get support with Microsoft Office, Windows, and other products. Microsoft also has Accessibility Conformance Reports (ACR) which describe how products and services support recognized global accessibility standards.
https://www.microsoft.com/en-us/Accessibility/disability-answer-desk
https://www.microsoft.com/en-us/accessibility/conformance-reports
https://learn.microsoft.com/en-us/windows/apps/design/accessibility/accessibility-testing
Onsite support
Onsite support
Support levels
Microsoft provides four Azure support plan options, which includes varius levels of technical account management and cloud support engineering. The support options and cost include the following:
- Basic (included for all Azure customers)
- Developer
- Standard
- Professional Direct
- Unified Support
Support available to third parties
Yes

Onboarding and offboarding

Getting started
Microsoft provides all Azure customers with 24/7 self-help resources, including Microsoft Learn, Azure Portal how-to videos, documentation, and community support.
Service documentation
Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction
As a customer, you maintain ownership of your data—the content, personal and other data you provide for storing and hosting in Azure services. Microsoft will not store or process customer data outside the geography you specify, except for certain non-regional services.

You are also in control of any additional geographies where you decide to deploy your solutions or replicate your data.

Azure has established internal records-retention requirements for back-end data. You are responsible for identifying your own record retention requirements. For records that are stored in Azure, you are responsible for extracting your data and retaining your content outside of Azure for a customer-specified retention period.
Azure allows you to export data and audit reports from the product. The exports are saved locally to retain the information for a customer-defined retention time period.
End-of-contract process
Microsoft is governed by strict standards and follows specific processes for removing cloud customer data from systems under our control, overwriting storage resources before reuse, and purging or destroying decommissioned hardware. In our Online Service Terms, Microsoft contractually commits to specific processes when a customer leaves a cloud service or the subscription expires. This includes deleting customer data from systems under our control.

Please see Data Protection Addendum for full and up to date details about how Microsoft manages your data. https://www.microsoft.com/licensing/docs/view/Microsoft-Products-and-Services-Data-Protection-Addendum-DPA?lang=1

Using the service

Web browser interface
Yes
Using the web interface
Azure provides several web interfaces that allow users to interact with the platform, manage resources, and build applications. These interfaces include, but are not limited to, the following:
- Azure Portal - provides a unified view of all your Azure resources; users can create, configure, and manage various services, virtual machines, databases, etc.
- Azure Cloud Shell: interactive, browser-based shell environment that allows users to manage Azure resources using either Bash or PowerShell; provides a command-line interface directly within the Azure Portal, eliminating the need to install any local tools.
Web interface accessibility standard
WCAG 2.1 AA or EN 301 549
Web interface accessibility testing
Microsoft has a strong focus on maintaining the accessibility of web interfaces. We have developed various tools and practices for testing web interfaces with assistive technology users. For example, Microsoft’s Accessibility Insights is an open-source web extension that allows users to perform more than 50 automated and manual tests and easily document detected issues. It currently catches up to 40% of accessibility bugs. We will increase this rate through more automated testing and AI innovation.
Microsoft’s web development practices include the use of Accessible Rich Internet Applications (ARIA), a W3C specification makes dynamic web content and custom user interfaces accessible.
API
Yes
What users can and can't do using the API
Azure users can set up services and make changes via Microsoft’s API using Azure API Management. To set up a service, users can sign in to the Azure portal, navigate to your API Management instance, and create a resource from the Azure portal menu. Detailed instructions for setting up services are available at https://learn.microsoft.com/en-us/azure/api-management/get-started-create-service-instance
From the API Management section of the Azure Portal, users can make changes using by selecting ""Add API"" and following the steps listed at https://learn.microsoft.com/en-us/azure/api-management/add-api-manually
There are some limitations when using Azure API Management. For instance, the maximum number of subscription (API Keys) per service instance is 500. Additional API import restrictions are available at https://learn.microsoft.com/en-us/azure/api-management/api-management-api-import-restrictions.
API automation tools
  • Ansible
  • Chef
  • OpenStack
  • SaltStack
  • Terraform
  • Puppet
API documentation
Yes
API documentation formats
  • Open API (also known as Swagger)
  • HTML
  • Other
Command line interface
Yes
Command line interface compatibility
  • Linux or Unix
  • Windows
  • MacOS
Using the command line interface
The Azure Command-Line Interface (Azure CLI) allows users to interact with Azure services and manage their Azure resources in many ways, including the following:
- Create, update, delete, and manage Azure resources (e.g., virtual machines, storage accounts, web apps, databases, and networks)
- Automate routine tasks (e.g., deploying applications, scaling resources, and configuring networks)
- Integrate with other tools and services (e.g., with Azure DevOps for CI/CD pipelines)
- Using multiple shell environments (e.g., Windows Command Prompt, Bash, PowerShell)
- Learning and understanding Azure services

Scaling

Scaling available
Yes
Scaling type
Automatic
Independence of resources
Azure minimises user impact through:
Logical Isolation: Segregates customer data in multi-tenant services.
Data Segregation: Hosts multiple customer VMs on shared hardware.
At-Rest Data Protection: Data is encrypted using Azure’s Key Vault, Disk Encryption, and Storage Service Encryption.
In-Transit Data Protection: Secures data in transit with VPNs, TLS, Azure VM protocols, MACsec encryption.
No Default Access to Customer Data: Denies access to customer data, granting access only through just-in-time.
Least Privilege Principle: For auditing and logging access requests.
Multi-Factor Authentication: Ensures secure access.
Capacity Management: Addresses capacity limitations, providing on-demand capacity reservations.
Azure prioritizes data protection, logical isolation, access control.
Usage notifications
Yes
Usage reporting
  • API
  • Email

Analytics

Infrastructure or application metrics
Yes
Metrics types
  • CPU
  • Disk
  • HTTP request and response status
  • Memory
  • Network
  • Number of active instances
  • Other
Other metrics
  • Failure rates
  • Dependency rates
  • Server and browser exceptions
  • Page views
  • Load performance
  • User and session counts
  • Host diagnostics (Docker or Azure)
  • Diagnostic trace logs
Reporting types
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Conforms to BS7858:2019
Government security clearance
Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
User control over data storage and processing locations
Yes
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least every 6 months
Penetration testing approach
In-house
Protecting data at rest
Physical access control, complying with SSAE-16 / ISAE 3402
Data sanitisation process
Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
  • Hardware containing data is completely destroyed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

Backup and recovery
Yes
What’s backed up
  • Files
  • Folders
  • System state
  • Azure Virtual Machines (VMs) - Windows or Linux
  • Azure Managed Disks
  • Azure File shares
  • Databases running on Azure VMs (SQL Server or SAP HANA)
  • Azure PostgreSQL databases
  • Azure Blobs (blob storage)
  • Azure Database for PostgreSQL Flexible server backup
Backup controls
Role-Based Access Controls (RBACs) allow users to segregate duties within their team and give specific permissions to perform backup tasks. Azure Backup has three built-in roles (Backup Contributor, Backup Operator, and Backup Reader), with the ability to create custom roles.
Azure Backup Policy has two components: Schedule (when to take backup) and Retention (how long to retain backup). You can define the policy based on the type of data that's being backed up, RTO/RPO requirements, operational or regulatory compliance needs and workload type (for example, VM, database, files).
Datacentre setup
Multiple datacentres with disaster recovery
Scheduling backups
Users schedule backups through a web interface
Backup recovery
Users can recover backups themselves, for example through a web interface

Data-in-transit protection

Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Other
Other protection between networks
Microsoft employs robust encryption for data in transit. Key aspects include:

TLS and IPsec: Used for secure communication between client machines and Microsoft servers.
Azure Data Protection: Adheres to IEEE 802.1AE MAC Security Standards for data moving within or between datacenters.
Continuing Data Transfers: State-of-the-art encryption safeguards Customer Data and pseudonymized personal data both at rest and in transit. Azure offers additional options for encrypting data in transit, including Azure Storage Transactions, in-transit encryption for VMs, VPN encryption, and ExpressRoute encryption. Remember, Microsoft prioritizes data security to keep your information safe throughout its journey.
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Other
Other protection within supplier network
Microsoft provides several options for customers to secure their data in transit internally within the Azure network and externally across the Internet to the end user. These include communication through Virtual Private Networks (utilizing IPsec/IKE encryption), Transport Layer Security (TLS) 1.2 or later (via Azure components such as Application Gateway or Azure Front Door), protocols directly on the Azure virtual machines (such as Windows IPsec or SMB), and more.
Additionally, "encryption by default" using MACsec (an IEEE standard at the data-link layer) is enabled for all Azure traffic traveling between Azure datacenters to ensure confidentiality and integrity of customer data.

Availability and resilience

Guaranteed availability
Microsoft provides detailed service level agreement (SLA) metrics for all Azure components and services.
Approach to resilience
Many Azure regions provide availability zones, which are separated groups of datacenters within a region. Availability zones are close enough to have low-latency connections to other availability zones. They're connected by a high-performance network with a round-trip latency of less than 2ms. However, availability zones are far enough apart to reduce the likelihood that more than one will be affected by local outages or weather. Availability zones have independent power, cooling, and networking infrastructure. They're designed so that if one zone experiences an outage, then regional services, capacity, and high availability are supported by the remaining zones. They help your data stay synchronized and accessible when things go wrong. Datacenter locations are selected by using rigorous vulnerability risk assessment criteria.

Furthermore, you have the ability to build high availability into application architecture by co-locating your computer, storage, networking, and data resources within a zone and replicating in other zones. Azure services that support availability zones fall into two categories:
- Zonal services: you pin the resource to a specific zone (e.g.,, virtual machines, managed disks, standard IP addresses), or
- Zone-redundant services: platform replicates automatically across zones (e.g., zone-redundant storage, SQL database)
Outage reporting
Azure Service Health offers a customizable dashboard for tracking service health in your regions. It monitors active events, planned maintenance, and advisories. Inactive events are stored for 90 days. The dashboard allows creation and management of alerts for proactive notifications. Service Health tracks these health events:
- Service issues in the Azure services that currently affect you.
- Planned maintenance: Upcoming maintenance that may affect the availability of future services.
- Health advisories: Changes in Azure services, e.g., deprecation of Azure features or upgrade requirements.
- Security advisories: Security-related notifications or violations that may affect the availability of your Azure services.
Azure Resource Health diagnoses and provides support for service problems affecting Azure resources. It reports on the current and past health of your resources. Resource Health gives you a personalized dashboard of the health of your resources and shows all the times that your resources have been unavailable. This data makes it easy for you to see if an SLA was violated.
For more information, visit https://learn.microsoft.com/en-us/azure/service-health/resource-health-overview
Microsoft also offers public dashboards that provide service status across all Azure regions. These can be accessed at:
- https://azure.status.microsoft/en-us/status
https://ms.portal.azure.com/#view/Microsoft_Azure_Health/AzureHealthBrowseBlade/~/serviceIssues
Microsoft Azure support posts notifications on Twitter/X about service-related issues.

Identity and authentication

User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels
Customer data is encrypted at rest by default when stored in Azure, and customers can control their own encryption keys in Azure Key Vault. Most support requests do not require data access, with engineers relying on logs. Azure restricts data access for support and troubleshooting, using Just-in-Time (JIT) access for authorized engineers with temporary credentials. Microsoft Purview Customer Lockbox lets customers approve or deny engineer access to their data. These technologies and processes (data encryption, JIT, and Customer Lockbox) ensure risk mitigation, safeguarding data confidentiality and integrity.
Access restriction testing frequency
At least once a year
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
Devices users manage the service through
  • Dedicated device on a segregated network (providers own provision)
  • Dedicated device on a government network (for example PSN)
  • Dedicated device over multiple services or networks
  • Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)
  • Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users have access to real-time audit information
How long supplier audit data is stored for
User-defined
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
The Certification Body of Schellman & Company, LLC
ISO/IEC 27001 accreditation date
Original registration date: November 29, 2011. Updated: November 28, 2023
What the ISO/IEC 27001 doesn’t cover
Not Applicable
ISO 28000:2007 certification
No
CSA STAR certification
Yes
CSA STAR accreditation date
1st January 2013
CSA STAR certification level
Level 2: CSA STAR Attestation
What the CSA STAR doesn’t cover
Not Applicable
PCI certification
Yes
Who accredited the PCI DSS certification
Coalfire, an independent Qualified Security Assessor (QSA) company
PCI DSS accreditation date
15th March 2021
What the PCI DSS doesn’t cover
Not Applicable
Cyber essentials
Yes
Cyber essentials plus
Yes
Other security certifications
Yes
Any other security certifications
  • https://learn.microsoft.com/en-us/compliance/regulatory/offering-home?view=o365-worldwide
  • ISO 270001
  • ISO 27018
  • SOC 1; SOC 2; SOC 3
  • FedRAMP
  • HITRUST
  • MTCS
  • IRAP
  • ENS

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
  • CSA CCM version 3.0
  • ISO/IEC 27001
  • Other
Other security governance standards
Azure adheres to numerous, rigorous security and compliance standards, including CSA CCM version 3.0, ISO 27001, ISO 27018, SOC 1, SOC 2, SOC 3, FedRAMP, and HITRUST, among others. For more on specific Azure compliance, visit:
- https://learn.microsoft.com/en-us/azure/compliance/
- https://azure.microsoft.com/en-us/explore/trusted-cloud/compliance/
- https://servicetrust.microsoft.com/
Information security policies and processes
Microsoft’s Information Security Policy ensures clear and concise guidelines for staff and contractors regarding information asset protection. It forms part of the Information Security Management System (ISMS) for Microsoft 365. New and existing Microsoft 365 employees review and adhere to these policies during annual security training. The policy is available for download on the Service Trust Portal (STP).

Azure follows the Microsoft Security Policy (MSP) to govern its information systems, covering:

Infrastructure: Physical components like facilities, equipment, and networks.
Software: Operating systems, applications, and utilities.
People: Developers, operators, users, and managers.
Procedures: Programmed and manual processes.
Data: Information processed by Azure systems.
Microsoft’s risk management aligns with the Enterprise Risk Management (ERM) framework. ERM facilitates risk assessment across the enterprise, enabling consistent risk evaluations. Each online service adheres to ERM guidance, analyzing controls based on the Microsoft Controls Framework. This ensures compliance with regulations and certifications.

Operational security

Configuration and change management standard
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach
Azure’s change management practices are guided by Microsoft’s configuration management policy. This policy is executed through SOPs, including the Microsoft Change Management Standard, and Azure’s Software and Hardware Change and Release Management SOPs.

The Azure SOPs cover the change management process around information system design, development, and implementation of changes and align with Microsoft’s Security Development Lifecycle process.

Except for pre-approved ones, all Azure production changes require review approval, the type of which depends on the team and change. Changes are tracked in an automated system.

For additional details please refer to: https://servicetrust.microsoft.com/viewpage/FedRAMP
Vulnerability management type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach
Azure uses integrated deployment systems to manage the distribution and installation of security updates for Microsoft software. Azure also drawd on the resources of the Microsoft Security Response Center (MSRC). The MSRC identifies, monitors, responds to, and resolves security incidents and cloud vulnerabilities around-the-clock, every day of the year.

Vulnerability scanning is performed on server operating systems, databases, and network devices. The vulnerability scans are performed on a quarterly basis at a minimum. Azure contracts with independent assessors to perform penetration testing of the Azure boundary. Red-team exercises are routinely performed, and the results are used to make security improvements.
Protective monitoring type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach
Azure security uses active monitoring tools like the Microsoft Monitoring Agent and System Center Operations Manager, configured to alert personnel in urgent situations. Azure continuously monitors and detects risks using machine learning algorithms, even when devices are offline. Upon detecting potential compromises, Microsoft follows a structured incident response process, conducting thorough investigations and taking immediate action to contain the exposure. Security controls are implemented across workloads to protect assets.

The Initial Response Time varies with both the support plan and the Business Impact of the request (Severity). Please visit: https://azure.microsoft.com/en-us/support/plans/response/
Incident management type
Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach
Microsoft implements a security incident management process to facilitate a coordinated response to incidents. If unauthorized access to customer data occurs, Microsoft takes the following actions:
- Promptly notifies the customer of the security incident.
- Promptly investigates the security incident and provides customers detailed information about the security incident.
- Takes reasonable and prompt steps to mitigate the effects and minimize any damage resulting from the security incident.
We have an incident management framework that defines roles and allocates responsibilities.

The Azure security incident management team manages security incidents, including escalation, and involving specialist teams when necessary.

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Separation between users

Virtualisation technology used to keep applications and users sharing the same infrastructure apart
Yes
Who implements virtualisation
Supplier
Virtualisation technologies used
Other
Other virtualisation technology used
Microsoft uses a combination of virtual machines (VMs), virtual disks, data virtualization, and container technologies, automatically deployed through Azure Resource Manager (ARM) templates to enable a dynamically scalable and resource-rich data platform.
How shared infrastructure is kept separate
Azure enables resource and data isolation for different tenants sharing infrastructure through:

- Tenant Level Isolation: Each Azure subscription is linked to a Microsoft Entra directory, ensuring logical isolation and preventing co-tenant access.
- Azure Virtual Network (VNet): This ensures each customer’s private network traffic is logically isolated from others.
- Isolated VM Sizes: Azure provides isolated VM sizes dedicated to a single customer, ensuring your VM is the only one on that server instance. These mechanisms maintain privacy, security, and compliance standards by keeping each tenant’s data and applications separate and secure on shared infrastructure.

Energy efficiency

Energy-efficient datacentres
Yes
Description of energy efficient datacentres
Microsoft datacentres adhere to the EU Code of Conduct for Energy Efficiency in Data Centres through a variety of best practices and measures:
Power Utilisation Effectiveness (PUE): The EU Code of Conduct for Data Centres uses PUE as a key metric to assess the overall efficiency of a datacentre. PUE represents the ratio of total datacentre input power to IT load power. The lower the PUE value, the higher the efficiency of the facility. The goal is to achieve a PUE close to 1.0.
Monitoring and Improvement: By regularly monitoring PUE, datacentre operators can identify areas of inefficiency and implement targeted energy-saving measures. Companies demonstrating the effective adoption of the Code of Conduct best practices are eligible for the annual EU Code of Conduct in Data Centres Awards.
Adoption of Best Practices: The Code of Conduct encourages datacentre operators to adopt best practices that reduce energy consumption and promote sustainability.
Assessment Framework: The Code of Conduct provides auditors with the tools to assess if datacenters apply the practices correctly. Microsoft’s commitment to energy efficiency and sustainability is also demonstrated by the aim to power its datacenters with 100% renewable energy.

Social Value

Social Value

Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

Fighting climate change

Microsoft’s approach to addressing the climate crisis starts with the sustainability of our own business. In 2020, we made a bold set of commitments: to be a carbon negative, water positive, zero waste company that protects ecosystems—all by 2030. Three years into this journey, we remain steadfast in our commitment. 2022 was a reminder that to mitigate the most severe impacts of climate change, our commitments need to extend beyond our four walls, and we must continue to accelerate investments that will enable progress for decades to come.

In 2022 we launched Microsoft Cloud for Sustainability, a comprehensive suite of enterprise-grade sustainability management tools. We also helped to advance a set of global sustainability initiatives that aim to benefit every person and organization on the planet. These include accelerating the availability of new climate technologies through our Climate Innovation Fund, strengthening our climate policy agenda, helping to develop a more reliable and interoperable carbon accounting system, advocating for skilling programs to expand the green workforce, and working to enable a just transition for the vulnerable populations of the global south.

Microsoft has an important role to play in developing and advancing new climate solutions, but also recognize that the climate crisis can’t be solved by any single company, organization, or government. The global community needs partnerships, new innovations, policies, and global commitment to ensure a healthy future for all.

Covid-19 recovery

In response to the COVID-19 pandemic, we continue to focus on protecting public health by providing tools and technology to health care providers and researchers, to better understand the virus, its transmission, treatment and potential vaccine. A few of the specific actions we are taking include:

-Using Azure high-performance computing capabilities and our data scientists and Microsoft researchers to protect public health. For example, our expanded commitment to our AI for Health Program, dedicating $20 million in funding to aid COVID-19 researchers.

-Through AI for Health, our funding projects used data to help public health authorities make informed and effective decisions, help healthcare providers respond to the immediate crisis safely and effectively, and accelerate scientific efforts to understand and treat COVID-19 and develop a vaccine.

-We have awarded more than 150 grants through AI for Health to organizations tackling the COVID-19 pandemic, including:

1. The Duke University (they addressed the ventilator shortage)
2. COVID-19 Moonshot project by UCB that leveraged Azure to screen targets and potential entities for research.
3. Folding@home, a global organization using distributed computing to research COVID-19 proteins and inform new therapies.

- Contributing to the COVID-19 Open Research Dataset, representing the most extensive machine-readable coronavirus literature collection available for data and text mining to date, with more than 130,000 scholarly articles.

- Microsoft’s subsidiary GitHub is also hosting important data on the spread of COVID-19, making it easier for researchers to use and analyze this vital data. We also use this data to develop visualizations in Power BI to support policymakers around the world as well as deliver a real-time public view of the progress we’re making together to heal the world.

Tackling economic inequality

Inclusive economic growth is our commitment to leaving no one behind. Our global social impact work centers around “skills for jobs,” ensuring that everyone has access to the skills, technology, and opportunities needed in a digitized world.

In the UK, our GetON Campaign has helped 1.5 million people build tech careers and connected 300,000 to tech job opportunities. The Digital Skills Hub offers free training and certifications, customisable to specific needs.

Apprenticeships play a crucial role. Collaborating with social enterprise GetMyFirstJob, we’ve created the Microsoft Connector platform, bridging seekers and partners for apprenticeship opportunities. Recent research shows that 23% of Microsoft IT apprentices in 2021-23 came from the most deprived quintile in England, highlighting the power of apprenticeships for economic prosperity and social mobility.

Our business thrives on collaboration and partnership. With over 40,000 UK organizations in our ecosystem, employing 570,000 people, we maximise social and economic impact through joint efforts. Our Partner Pledge focuses on digital skills, apprenticeships, diversity, responsible AI, and sustainability.

Microsoft’s mission is to empower every person and organisation, with inclusiveness at its core. We actively address workforce inequality by:

Diverse Hiring: Believing diversity accelerates innovation and contributes to economic equality.
Skills Development: Providing ongoing training for employees’ growth.
Pay Equity: Regularly reviewing compensation for parity.
Employee Resource Groups (ERGs): Supporting career development and community engagement.
Transparency: Sharing diversity metrics and progress publicly.
We collaborate with external organizations to provide underrepresented communities access to digital skills. Our commitment extends to partners, encouraging diversity and inclusion. Joining the UK Government Disability Confident Scheme and initiating the Partner Pledge has inspired over 300 partners to promote diversity in the tech sector.

Equal opportunity

Microsoft recognizes that a diverse workforce is essential to innovation and growth. We promote a cooperative and productive work environment by supporting the cultural and ethnic diversity of our workforce, and are actively committed to providing equal employment opportunity to all qualified employees and applicants. We have many initiatives and programs in place to promote diversity and inclusion, including employee resource groups, diversity and inclusion training, and partnerships with organisations that support underrepresented groups.
We maintain a work environment free from discrimination, one where employees are treated with dignity and respect. All employees share in the responsibility for fulfilling Microsoft's commitment to equal employment opportunity.

Microsoft does not discriminate against any employee or applicant on the basis of age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. We adhere to these principles in all aspects of employment, including recruitment, hiring, training, compensation, promotion, benefits, social and recreational programs, and discipline. In addition, it is the policy of Microsoft to provide reasonable accommodation to qualified employees who have protected disabilities to the extent required by applicable laws, regulations and ordinances where a particular employee works. We are committed to equally opportunity practices as demonstrated in the following links:

https://careers.microsoft.com/us/en/legalpolicies
https://www.microsoft.com/en-us/diversity/default.aspx
https://www.microsoft.com/en-us/diversity/inside-microsoft/default.aspx

Microsoft is committed to equal opportunities employment practices. Microsoft policies on managing and developing workforce, how to empower employees and Inclusive hiring can be found here:

https://www.microsoft.com/en-us/corporate-responsibility/empowering-employees

Wellbeing

Microsoft has implemented several initiatives to foster the wellbeing of its employees:

Microsoft Viva: Microsoft Viva is an employee experience platform that fosters a culture of wellbeing and improves productivity. It provides data-driven, privacy-protected insights and recommendations to help improve employee wellbeing.
Work-Life Integration: Microsoft promotes work-life integration, which is the natural evolution of work-life balance. In many flexible employment situations, the boundaries between work life and home life are blurred. This makes it even more important to consider how work—and the rest of life—are more integrated than we might think.
Mental Health Resources: Microsoft has deeply invested in mental health resources as an integral part of employee wellbeing, through its benefits package and workplace culture.
Employee Empowerment: Microsoft focuses on bringing out the best in people, supporting their goals, and allowing them to find deep meaning in their work. They strive to create a respectful, rewarding, diverse, and inclusive work environment.
Diversity and Inclusion: Microsoft believes in empowering everyone on the planet and sees diversity and inclusion as core to its business model. The better they represent diversity inside Microsoft, the better they’re able to innovate for those they seek to empower.
Learning and Development Opportunities: Microsoft provides personalized, integrated, and relevant views of all learning opportunities on Microsoft Learning and LinkedIn Learning. They also offer frequent promotion opportunities.
Benefits and Rewards: Microsoft develops dynamic, sustainable, and strategic programs that together provide a highly differentiated portfolio to attract, reward, and retain top talent.

Pricing

Price
£11.46 a unit
Discount for educational organisations
No
Free trial available
Yes
Description of free trial
Depending upon the service there are range of trial offerings available.

A free trial of Azure is available at https://azure.microsoft.com/en-gb/free/search/?ef_id=_k_d00f79182b1a1d5b7a5a1f0d4a8f4aaf_k_&OCID=AIDcmm3bvqzxp1_SEM__k_d00f79182b1a1d5b7a5a1f0d4a8f4aaf_k_&msclkid=d00f79182b1a1d5b7a5a1f0d4a8f4aaf
Link to free trial
https://azure.microsoft.com/en-gb/free/search/?ef_id=_k_d00f79182b1a1d5b7a5a1f0d4a8f4aaf_k_&OCID=AIDcmm3bvqzxp1_SEM__k_d00f79182b1a1d5b7a5a1f0d4a8f4aaf_k_&msclkid=d00f79182b1a1d5b7a5a1f0d4a8f4aaf

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at msukservices@microsoft.com. Tell them what format you need. It will help if you say what assistive technology you use.