Microsoft Entra ID (formerly Azure AD)
Synchronize on-premises directories and enable single sign-on.
Features
- Multi factor authentication : Enhances security with additional authentication methods
- Conditional access policies : Customised access controls
- Identity protection : Safeguard users Identities and credentials
- Single sign on: Seamless access to applications with existing credentials
- Standard-based authentication : Supports SSO for third party Applications
- Automated user provisioning: Streamlines management across windows AD
- Role bases security : Granular access control for different roles
- Risk based authentication : Adaptive security based on risk Assessment
- Audit logging : Comprehensive tracking of users activities
Benefits
- Enhances security by requiring multiple forms of verification
- Customises access controls based on specific scenarios
- Safeguards user identities and prevents account compromise
- Simplifies user experience by requiring one set of credentials
- Enables SSO for 3rd party applications
- Streamlines user management across environments
- Granular access control based on job responsibilities
- FIDO-2 compliant :strong authentication using hardware security keys
- Consolidate vendors and optimize licensing
Pricing
£10.85 a unit
Service documents
Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format,
email the supplier at msukservices@microsoft.com.
Tell them what format you need. It will help if you say what assistive technology you use.
Framework
G-Cloud 14
Service ID
9 4 0 8 3 3 7 2 1 8 0 4 5 0 3
Contact
Microsoft Limited
Microsoft G Cloud Team
Telephone: 01189094502
Email: msukservices@microsoft.com
Service scope
- Service constraints
-
Azure subscription limits and quotas - Depending upon the Azure service, the limits vary. The limits can be found at:
https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/azure-subscription-service-limits - System requirements
- Service selection dictates system requirements; consult online pages for details.
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
-
The Initial Response Time varies with both the support plan and the Business Impact of the request (also known as Severity). For a breakdown of initial response times by several level and business impact, please visit https://azure.microsoft.com/en-us/support/plans/response/
Weekend support availability varies depending on your Azure support plan. For more information, please visit https://azure.microsoft.com/en-us/support/plans/ - User can manage status and priority of support tickets
- Yes
- Online ticketing support accessibility
- WCAG 2.1 AA or EN 301 549
- Phone support
- Yes
- Phone support availability
- 24 hours, 7 days a week
- Web chat support
- Web chat
- Web chat support availability
- 24 hours, 7 days a week
- Web chat support accessibility standard
- WCAG 2.1 AA or EN 301 549
- Web chat accessibility testing
-
Microsoft commitment to accessability can be found here - https://www.microsoft.com/en-us/trust-center/compliance/accessibility#accessibility
Accessibility Conformance Reports can be found here including details of support and administration accessability details - https://www.microsoft.com/en-us/accessibility/conformance-reports
Microsoft is committed to developing technology that empowers everyone, including people with disabilities. Microsoft has a Disability Answer Desk where customers with disabilities get support with Microsoft Office, Windows, and other products. Microsoft also has Accessibility Conformance Reports (ACR) which describe how products and services support recognized global accessibility standards.
https://www.microsoft.com/en-us/Accessibility/disability-answer-desk
https://www.microsoft.com/en-us/accessibility/conformance-reports
https://learn.microsoft.com/en-us/windows/apps/design/accessibility/accessibility-testing - Onsite support
- Onsite support
- Support levels
-
Microsoft provides four Azure support plan options, which includes varius levels of technical account management and cloud support engineering. The support options and cost include the following:
- Basic (included for all Azure customers)
- Developer
- Standard
- Professional Direct
- Unified Support - Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
- Microsoft provides all Azure customers with 24/7 self-help resources, including Microsoft Learn, Azure Portal how-to videos, documentation, and community support.
- Service documentation
- Yes
- Documentation formats
-
- HTML
- End-of-contract data extraction
-
As a customer, you maintain ownership of your data—the content, personal and other data you provide for storing and hosting in Azure services. Microsoft will not store or process customer data outside the geography you specify, except for certain non-regional services.
You are also in control of any additional geographies where you decide to deploy your solutions or replicate your data.
Azure has established internal records-retention requirements for back-end data. You are responsible for identifying your own record retention requirements. For records that are stored in Azure, you are responsible for extracting your data and retaining your content outside of Azure for a customer-specified retention period.
Azure allows you to export data and audit reports from the product. The exports are saved locally to retain the information for a customer-defined retention time period. - End-of-contract process
-
Microsoft is governed by strict standards and follows specific processes for removing cloud customer data from systems under our control, overwriting storage resources before reuse, and purging or destroying decommissioned hardware. In our Online Service Terms, Microsoft contractually commits to specific processes when a customer leaves a cloud service or the subscription expires. This includes deleting customer data from systems under our control.
Please see Data Protection Addendum for full and up to date details about how Microsoft manages your data. https://www.microsoft.com/licensing/docs/view/Microsoft-Products-and-Services-Data-Protection-Addendum-DPA?lang=1
Using the service
- Web browser interface
- Yes
- Using the web interface
-
Azure provides several web interfaces that allow users to interact with the platform, manage resources, and build applications. These interfaces include, but are not limited to, the following:
- Azure Portal - provides a unified view of all your Azure resources; users can create, configure, and manage various services, virtual machines, databases, etc.
- Azure Cloud Shell: interactive, browser-based shell environment that allows users to manage Azure resources using either Bash or PowerShell; provides a command-line interface directly within the Azure Portal, eliminating the need to install any local tools. - Web interface accessibility standard
- WCAG 2.1 AA or EN 301 549
- Web interface accessibility testing
-
Microsoft has a strong focus on maintaining the accessibility of web interfaces. We have developed various tools and practices for testing web interfaces with assistive technology users. For example, Microsoft’s Accessibility Insights is an open-source web extension that allows users to perform more than 50 automated and manual tests and easily document detected issues. It currently catches up to 40% of accessibility bugs. We will increase this rate through more automated testing and AI innovation.
Microsoft’s web development practices include the use of Accessible Rich Internet Applications (ARIA), a W3C specification makes dynamic web content and custom user interfaces accessible. - API
- Yes
- What users can and can't do using the API
-
Azure users can set up services and make changes via Microsoft’s API using Azure API Management. To set up a service, users can sign in to the Azure portal, navigate to your API Management instance, and create a resource from the Azure portal menu. Detailed instructions for setting up services are available at https://learn.microsoft.com/en-us/azure/api-management/get-started-create-service-instance
From the API Management section of the Azure Portal, users can make changes using by selecting ""Add API"" and following the steps listed at https://learn.microsoft.com/en-us/azure/api-management/add-api-manually
There are some limitations when using Azure API Management. For instance, the maximum number of subscription (API Keys) per service instance is 500. Additional API import restrictions are available at https://learn.microsoft.com/en-us/azure/api-management/api-management-api-import-restrictions. - API automation tools
-
- Ansible
- Chef
- OpenStack
- SaltStack
- Terraform
- Puppet
- API documentation
- Yes
- API documentation formats
-
- Open API (also known as Swagger)
- HTML
- Other
- Command line interface
- Yes
- Command line interface compatibility
-
- Linux or Unix
- Windows
- MacOS
- Using the command line interface
-
The Azure Command-Line Interface (Azure CLI) allows users to interact with Azure services and manage their Azure resources in many ways, including the following:
- Create, update, delete, and manage Azure resources (e.g., virtual machines, storage accounts, web apps, databases, and networks)
- Automate routine tasks (e.g., deploying applications, scaling resources, and configuring networks)
- Integrate with other tools and services (e.g., with Azure DevOps for CI/CD pipelines)
- Using multiple shell environments (e.g., Windows Command Prompt, Bash, PowerShell)
- Learning and understanding Azure services
Scaling
- Scaling available
- Yes
- Scaling type
- Automatic
- Independence of resources
-
Azure minimises user impact through:
Logical Isolation: Segregates customer data in multi-tenant services.
Data Segregation: Hosts multiple customer VMs on shared hardware.
At-Rest Data Protection: Data is encrypted using Azure’s Key Vault, Disk Encryption, and Storage Service Encryption.
In-Transit Data Protection: Secures data in transit with VPNs, TLS, Azure VM protocols, MACsec encryption.
No Default Access to Customer Data: Denies access to customer data, granting access only through just-in-time.
Least Privilege Principle: For auditing and logging access requests.
Multi-Factor Authentication: Ensures secure access.
Capacity Management: Addresses capacity limitations, providing on-demand capacity reservations.
Azure prioritizes data protection, logical isolation, access control. - Usage notifications
- Yes
- Usage reporting
-
- API
Analytics
- Infrastructure or application metrics
- Yes
- Metrics types
-
- CPU
- Disk
- HTTP request and response status
- Memory
- Network
- Number of active instances
- Other
- Other metrics
-
- Failure rates
- Dependency rates
- Server and browser exceptions
- Page views
- Load performance
- User and session counts
- Host diagnostics (Docker or Azure)
- Diagnostic trace logs
- Reporting types
-
- API access
- Real-time dashboards
- Regular reports
- Reports on request
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Conforms to BS7858:2019
- Government security clearance
- Up to Developed Vetting (DV)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
-
- United Kingdom
- European Economic Area (EEA)
- Other locations
- User control over data storage and processing locations
- Yes
- Datacentre security standards
- Complies with a recognised standard (for example CSA CCM version 3.0)
- Penetration testing frequency
- At least every 6 months
- Penetration testing approach
- In-house
- Protecting data at rest
- Physical access control, complying with SSAE-16 / ISAE 3402
- Data sanitisation process
- Yes
- Data sanitisation type
-
- Explicit overwriting of storage before reallocation
- Deleted data can’t be directly accessed
- Hardware containing data is completely destroyed
- Equipment disposal approach
- Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001
Backup and recovery
- Backup and recovery
- Yes
- What’s backed up
-
- Files
- Folders
- System state
- Azure Virtual Machines (VMs) - Windows or Linux
- Azure Managed Disks
- Azure File shares
- Databases running on Azure VMs (SQL Server or SAP HANA)
- Azure PostgreSQL databases
- Azure Blobs (blob storage)
- Azure Database for PostgreSQL Flexible server backup
- Backup controls
-
Role-Based Access Controls (RBACs) allow users to segregate duties within their team and give specific permissions to perform backup tasks. Azure Backup has three built-in roles (Backup Contributor, Backup Operator, and Backup Reader), with the ability to create custom roles.
Azure Backup Policy has two components: Schedule (when to take backup) and Retention (how long to retain backup). You can define the policy based on the type of data that's being backed up, RTO/RPO requirements, operational or regulatory compliance needs and workload type (for example, VM, database, files). - Datacentre setup
- Multiple datacentres with disaster recovery
- Scheduling backups
- Users schedule backups through a web interface
- Backup recovery
- Users can recover backups themselves, for example through a web interface
Data-in-transit protection
- Data protection between buyer and supplier networks
-
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
- Other
- Other protection between networks
-
Microsoft employs robust encryption for data in transit. Key aspects include:
TLS and IPsec: Used for secure communication between client machines and Microsoft servers.
Azure Data Protection: Adheres to IEEE 802.1AE MAC Security Standards for data moving within or between datacenters.
Continuing Data Transfers: State-of-the-art encryption safeguards Customer Data and pseudonymized personal data both at rest and in transit. Azure offers additional options for encrypting data in transit, including Azure Storage Transactions, in-transit encryption for VMs, VPN encryption, and ExpressRoute encryption. Remember, Microsoft prioritizes data security to keep your information safe throughout its journey. - Data protection within supplier network
-
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
- Other
- Other protection within supplier network
-
Microsoft provides several options for customers to secure their data in transit internally within the Azure network and externally across the Internet to the end user. These include communication through Virtual Private Networks (utilizing IPsec/IKE encryption), Transport Layer Security (TLS) 1.2 or later (via Azure components such as Application Gateway or Azure Front Door), protocols directly on the Azure virtual machines (such as Windows IPsec or SMB), and more.
Additionally, "encryption by default" using MACsec (an IEEE standard at the data-link layer) is enabled for all Azure traffic traveling between Azure datacenters to ensure confidentiality and integrity of customer data.
Availability and resilience
- Guaranteed availability
- Microsoft provides detailed service level agreement (SLA) metrics for all Azure components and services.
- Approach to resilience
-
Many Azure regions provide availability zones, which are separated groups of datacenters within a region. Availability zones are close enough to have low-latency connections to other availability zones. They're connected by a high-performance network with a round-trip latency of less than 2ms. However, availability zones are far enough apart to reduce the likelihood that more than one will be affected by local outages or weather. Availability zones have independent power, cooling, and networking infrastructure. They're designed so that if one zone experiences an outage, then regional services, capacity, and high availability are supported by the remaining zones. They help your data stay synchronized and accessible when things go wrong. Datacenter locations are selected by using rigorous vulnerability risk assessment criteria.
Furthermore, you have the ability to build high availability into application architecture by co-locating your computer, storage, networking, and data resources within a zone and replicating in other zones. Azure services that support availability zones fall into two categories:
- Zonal services: you pin the resource to a specific zone (e.g.,, virtual machines, managed disks, standard IP addresses), or
- Zone-redundant services: platform replicates automatically across zones (e.g., zone-redundant storage, SQL database) - Outage reporting
-
Azure Service Health offers a customizable dashboard for tracking service health in your regions. It monitors active events, planned maintenance, and advisories. Inactive events are stored for 90 days. The dashboard allows creation and management of alerts for proactive notifications. Service Health tracks these health events:
- Service issues in the Azure services that currently affect you.
- Planned maintenance: Upcoming maintenance that may affect the availability of future services.
- Health advisories: Changes in Azure services, e.g., deprecation of Azure features or upgrade requirements.
- Security advisories: Security-related notifications or violations that may affect the availability of your Azure services.
Azure Resource Health diagnoses and provides support for service problems affecting Azure resources. It reports on the current and past health of your resources. Resource Health gives you a personalized dashboard of the health of your resources and shows all the times that your resources have been unavailable. This data makes it easy for you to see if an SLA was violated.
For more information, visit https://learn.microsoft.com/en-us/azure/service-health/resource-health-overview
Microsoft also offers public dashboards that provide service status across all Azure regions. These can be accessed at:
- https://azure.status.microsoft/en-us/status
https://ms.portal.azure.com/#view/Microsoft_Azure_Health/AzureHealthBrowseBlade/~/serviceIssues
Microsoft Azure support posts notifications on Twitter/X about service-related issues.
Identity and authentication
- User authentication
-
- 2-factor authentication
- Public key authentication (including by TLS client certificate)
- Identity federation with existing provider (for example Google apps)
- Limited access network (for example PSN)
- Dedicated link (for example VPN)
- Username or password
- Access restrictions in management interfaces and support channels
- Customer data is encrypted at rest by default when stored in Azure, and customers can control their own encryption keys in Azure Key Vault. Most support requests do not require data access, with engineers relying on logs. Azure restricts data access for support and troubleshooting, using Just-in-Time (JIT) access for authorized engineers with temporary credentials. Microsoft Purview Customer Lockbox lets customers approve or deny engineer access to their data. These technologies and processes (data encryption, JIT, and Customer Lockbox) ensure risk mitigation, safeguarding data confidentiality and integrity.
- Access restriction testing frequency
- At least once a year
- Management access authentication
-
- 2-factor authentication
- Public key authentication (including by TLS client certificate)
- Identity federation with existing provider (for example Google Apps)
- Limited access network (for example PSN)
- Dedicated link (for example VPN)
- Username or password
- Devices users manage the service through
-
- Dedicated device on a segregated network (providers own provision)
- Dedicated device on a government network (for example PSN)
- Dedicated device over multiple services or networks
- Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)
- Directly from any device which may also be used for normal business (for example web browsing or viewing external email)
Audit information for users
- Access to user activity audit information
- Users have access to real-time audit information
- How long user audit data is stored for
- User-defined
- Access to supplier activity audit information
- Users have access to real-time audit information
- How long supplier audit data is stored for
- User-defined
- How long system logs are stored for
- User-defined
Standards and certifications
- ISO/IEC 27001 certification
- Yes
- Who accredited the ISO/IEC 27001
- The Certification Body of Schellman & Company, LLC
- ISO/IEC 27001 accreditation date
- Original registration date: November 29, 2011. Updated: November 28, 2023
- What the ISO/IEC 27001 doesn’t cover
- Not Applicable
- ISO 28000:2007 certification
- No
- CSA STAR certification
- Yes
- CSA STAR accreditation date
- 1st January 2013
- CSA STAR certification level
- Level 2: CSA STAR Attestation
- What the CSA STAR doesn’t cover
- Not Applicable
- PCI certification
- Yes
- Who accredited the PCI DSS certification
- Coalfire, an independent Qualified Security Assessor (QSA) company
- PCI DSS accreditation date
- 15th March 2021
- What the PCI DSS doesn’t cover
- Not Applicable
- Cyber essentials
- Yes
- Cyber essentials plus
- Yes
- Other security certifications
- Yes
- Any other security certifications
-
- https://learn.microsoft.com/en-us/compliance/regulatory/offering-home?view=o365-worldwide
- ISO 270001
- ISO 27018
- SOC 1; SOC 2; SOC 3
- FedRAMP
- HITRUST
- MTCS
- IRAP
- ENS
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
-
- CSA CCM version 3.0
- ISO/IEC 27001
- Other
- Other security governance standards
-
Azure adheres to numerous, rigorous security and compliance standards, including CSA CCM version 3.0, ISO 27001, ISO 27018, SOC 1, SOC 2, SOC 3, FedRAMP, and HITRUST, among others. For more on specific Azure compliance, visit:
- https://learn.microsoft.com/en-us/azure/compliance/
- https://azure.microsoft.com/en-us/explore/trusted-cloud/compliance/
- https://servicetrust.microsoft.com/ - Information security policies and processes
-
Microsoft’s Information Security Policy ensures clear and concise guidelines for staff and contractors regarding information asset protection. It forms part of the Information Security Management System (ISMS) for Microsoft 365. New and existing Microsoft 365 employees review and adhere to these policies during annual security training. The policy is available for download on the Service Trust Portal (STP).
Azure follows the Microsoft Security Policy (MSP) to govern its information systems, covering:
Infrastructure: Physical components like facilities, equipment, and networks.
Software: Operating systems, applications, and utilities.
People: Developers, operators, users, and managers.
Procedures: Programmed and manual processes.
Data: Information processed by Azure systems.
Microsoft’s risk management aligns with the Enterprise Risk Management (ERM) framework. ERM facilitates risk assessment across the enterprise, enabling consistent risk evaluations. Each online service adheres to ERM guidance, analyzing controls based on the Microsoft Controls Framework. This ensures compliance with regulations and certifications.
Operational security
- Configuration and change management standard
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Configuration and change management approach
-
Azure’s change management practices are guided by Microsoft’s configuration management policy. This policy is executed through SOPs, including the Microsoft Change Management Standard, and Azure’s Software and Hardware Change and Release Management SOPs.
The Azure SOPs cover the change management process around information system design, development, and implementation of changes and align with Microsoft’s Security Development Lifecycle process.
Except for pre-approved ones, all Azure production changes require review approval, the type of which depends on the team and change. Changes are tracked in an automated system.
For additional details please refer to: https://servicetrust.microsoft.com/viewpage/FedRAMP - Vulnerability management type
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Vulnerability management approach
-
Azure uses integrated deployment systems to manage the distribution and installation of security updates for Microsoft software. Azure also drawd on the resources of the Microsoft Security Response Center (MSRC). The MSRC identifies, monitors, responds to, and resolves security incidents and cloud vulnerabilities around-the-clock, every day of the year.
Vulnerability scanning is performed on server operating systems, databases, and network devices. The vulnerability scans are performed on a quarterly basis at a minimum. Azure contracts with independent assessors to perform penetration testing of the Azure boundary. Red-team exercises are routinely performed, and the results are used to make security improvements. - Protective monitoring type
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Protective monitoring approach
-
Azure security uses active monitoring tools like the Microsoft Monitoring Agent and System Center Operations Manager, configured to alert personnel in urgent situations. Azure continuously monitors and detects risks using machine learning algorithms, even when devices are offline. Upon detecting potential compromises, Microsoft follows a structured incident response process, conducting thorough investigations and taking immediate action to contain the exposure. Security controls are implemented across workloads to protect assets.
The Initial Response Time varies with both the support plan and the Business Impact of the request (Severity). Please visit: https://azure.microsoft.com/en-us/support/plans/response/ - Incident management type
- Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
- Incident management approach
-
Microsoft implements a security incident management process to facilitate a coordinated response to incidents. If unauthorized access to customer data occurs, Microsoft takes the following actions:
- Promptly notifies the customer of the security incident.
- Promptly investigates the security incident and provides customers detailed information about the security incident.
- Takes reasonable and prompt steps to mitigate the effects and minimize any damage resulting from the security incident.
We have an incident management framework that defines roles and allocates responsibilities.
The Azure security incident management team manages security incidents, including escalation, and involving specialist teams when necessary.
Secure development
- Approach to secure software development best practice
- Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)
Separation between users
- Virtualisation technology used to keep applications and users sharing the same infrastructure apart
- Yes
- Who implements virtualisation
- Supplier
- Virtualisation technologies used
- Other
- Other virtualisation technology used
- Microsoft uses a combination of virtual machines (VMs), virtual disks, data virtualization, and container technologies, automatically deployed through Azure Resource Manager (ARM) templates to enable a dynamically scalable and resource-rich data platform.
- How shared infrastructure is kept separate
-
Azure enables resource and data isolation for different tenants sharing infrastructure through:
- Tenant Level Isolation: Each Azure subscription is linked to a Microsoft Entra directory, ensuring logical isolation and preventing co-tenant access.
- Azure Virtual Network (VNet): This ensures each customer’s private network traffic is logically isolated from others.
- Isolated VM Sizes: Azure provides isolated VM sizes dedicated to a single customer, ensuring your VM is the only one on that server instance. These mechanisms maintain privacy, security, and compliance standards by keeping each tenant’s data and applications separate and secure on shared infrastructure.
Energy efficiency
- Energy-efficient datacentres
- Yes
- Description of energy efficient datacentres
-
Microsoft datacentres adhere to the EU Code of Conduct for Energy Efficiency in Data Centres through a variety of best practices and measures:
Power Utilisation Effectiveness (PUE): The EU Code of Conduct for Data Centres uses PUE as a key metric to assess the overall efficiency of a datacentre. PUE represents the ratio of total datacentre input power to IT load power. The lower the PUE value, the higher the efficiency of the facility. The goal is to achieve a PUE close to 1.0.
Monitoring and Improvement: By regularly monitoring PUE, datacentre operators can identify areas of inefficiency and implement targeted energy-saving measures. Companies demonstrating the effective adoption of the Code of Conduct best practices are eligible for the annual EU Code of Conduct in Data Centres Awards.
Adoption of Best Practices: The Code of Conduct encourages datacentre operators to adopt best practices that reduce energy consumption and promote sustainability.
Assessment Framework: The Code of Conduct provides auditors with the tools to assess if datacenters apply the practices correctly. Microsoft’s commitment to energy efficiency and sustainability is also demonstrated by the aim to power its datacenters with 100% renewable energy.
Social Value
- Social Value
-
Social Value
- Fighting climate change
- Covid-19 recovery
- Tackling economic inequality
- Equal opportunity
- Wellbeing
Fighting climate change
Microsoft’s approach to addressing the climate crisis starts with the sustainability of our own business. In 2020, we made a bold set of commitments: to be a carbon negative, water positive, zero waste company that protects ecosystems—all by 2030. Three years into this journey, we remain steadfast in our commitment. 2022 was a reminder that to mitigate the most severe impacts of climate change, our commitments need to extend beyond our four walls, and we must continue to accelerate investments that will enable progress for decades to come.
In 2022 we launched Microsoft Cloud for Sustainability, a comprehensive suite of enterprise-grade sustainability management tools. We also helped to advance a set of global sustainability initiatives that aim to benefit every person and organization on the planet. These include accelerating the availability of new climate technologies through our Climate Innovation Fund, strengthening our climate policy agenda, helping to develop a more reliable and interoperable carbon accounting system, advocating for skilling programs to expand the green workforce, and working to enable a just transition for the vulnerable populations of the global south.
Microsoft has an important role to play in developing and advancing new climate solutions, but also recognize that the climate crisis can’t be solved by any single company, organization, or government. The global community needs partnerships, new innovations, policies, and global commitment to ensure a healthy future for all.Covid-19 recovery
In response to the COVID-19 pandemic, we continue to focus on protecting public health by providing tools and technology to health care providers and researchers, to better understand the virus, its transmission, treatment and potential vaccine. A few of the specific actions we are taking include:
-Using Azure high-performance computing capabilities and our data scientists and Microsoft researchers to protect public health. For example, our expanded commitment to our AI for Health Program, dedicating $20 million in funding to aid COVID-19 researchers.
-Through AI for Health, our funding projects used data to help public health authorities make informed and effective decisions, help healthcare providers respond to the immediate crisis safely and effectively, and accelerate scientific efforts to understand and treat COVID-19 and develop a vaccine.
-We have awarded more than 150 grants through AI for Health to organizations tackling the COVID-19 pandemic, including:
1. The Duke University (they addressed the ventilator shortage)
2. COVID-19 Moonshot project by UCB that leveraged Azure to screen targets and potential entities for research.
3. Folding@home, a global organization using distributed computing to research COVID-19 proteins and inform new therapies.
- Contributing to the COVID-19 Open Research Dataset, representing the most extensive machine-readable coronavirus literature collection available for data and text mining to date, with more than 130,000 scholarly articles.
- Microsoft’s subsidiary GitHub is also hosting important data on the spread of COVID-19, making it easier for researchers to use and analyze this vital data. We also use this data to develop visualizations in Power BI to support policymakers around the world as well as deliver a real-time public view of the progress we’re making together to heal the world.Tackling economic inequality
Inclusive economic growth is our commitment to leaving no one behind. Our global social impact work centers around “skills for jobs,” ensuring that everyone has access to the skills, technology, and opportunities needed in a digitized world.
In the UK, our GetON Campaign has helped 1.5 million people build tech careers and connected 300,000 to tech job opportunities. The Digital Skills Hub offers free training and certifications, customisable to specific needs.
Apprenticeships play a crucial role. Collaborating with social enterprise GetMyFirstJob, we’ve created the Microsoft Connector platform, bridging seekers and partners for apprenticeship opportunities. Recent research shows that 23% of Microsoft IT apprentices in 2021-23 came from the most deprived quintile in England, highlighting the power of apprenticeships for economic prosperity and social mobility.
Our business thrives on collaboration and partnership. With over 40,000 UK organizations in our ecosystem, employing 570,000 people, we maximise social and economic impact through joint efforts. Our Partner Pledge focuses on digital skills, apprenticeships, diversity, responsible AI, and sustainability.
Microsoft’s mission is to empower every person and organisation, with inclusiveness at its core. We actively address workforce inequality by:
Diverse Hiring: Believing diversity accelerates innovation and contributes to economic equality.
Skills Development: Providing ongoing training for employees’ growth.
Pay Equity: Regularly reviewing compensation for parity.
Employee Resource Groups (ERGs): Supporting career development and community engagement.
Transparency: Sharing diversity metrics and progress publicly.
We collaborate with external organizations to provide underrepresented communities access to digital skills. Our commitment extends to partners, encouraging diversity and inclusion. Joining the UK Government Disability Confident Scheme and initiating the Partner Pledge has inspired over 300 partners to promote diversity in the tech sector.Equal opportunity
Microsoft recognizes that a diverse workforce is essential to innovation and growth. We promote a cooperative and productive work environment by supporting the cultural and ethnic diversity of our workforce, and are actively committed to providing equal employment opportunity to all qualified employees and applicants. We have many initiatives and programs in place to promote diversity and inclusion, including employee resource groups, diversity and inclusion training, and partnerships with organisations that support underrepresented groups.
We maintain a work environment free from discrimination, one where employees are treated with dignity and respect. All employees share in the responsibility for fulfilling Microsoft's commitment to equal employment opportunity.
Microsoft does not discriminate against any employee or applicant on the basis of age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. We adhere to these principles in all aspects of employment, including recruitment, hiring, training, compensation, promotion, benefits, social and recreational programs, and discipline. In addition, it is the policy of Microsoft to provide reasonable accommodation to qualified employees who have protected disabilities to the extent required by applicable laws, regulations and ordinances where a particular employee works. We are committed to equally opportunity practices as demonstrated in the following links:
https://careers.microsoft.com/us/en/legalpolicies
https://www.microsoft.com/en-us/diversity/default.aspx
https://www.microsoft.com/en-us/diversity/inside-microsoft/default.aspx
Microsoft is committed to equal opportunities employment practices. Microsoft policies on managing and developing workforce, how to empower employees and Inclusive hiring can be found here:
https://www.microsoft.com/en-us/corporate-responsibility/empowering-employeesWellbeing
Microsoft has implemented several initiatives to foster the wellbeing of its employees:
Microsoft Viva: Microsoft Viva is an employee experience platform that fosters a culture of wellbeing and improves productivity. It provides data-driven, privacy-protected insights and recommendations to help improve employee wellbeing.
Work-Life Integration: Microsoft promotes work-life integration, which is the natural evolution of work-life balance. In many flexible employment situations, the boundaries between work life and home life are blurred. This makes it even more important to consider how work—and the rest of life—are more integrated than we might think.
Mental Health Resources: Microsoft has deeply invested in mental health resources as an integral part of employee wellbeing, through its benefits package and workplace culture.
Employee Empowerment: Microsoft focuses on bringing out the best in people, supporting their goals, and allowing them to find deep meaning in their work. They strive to create a respectful, rewarding, diverse, and inclusive work environment.
Diversity and Inclusion: Microsoft believes in empowering everyone on the planet and sees diversity and inclusion as core to its business model. The better they represent diversity inside Microsoft, the better they’re able to innovate for those they seek to empower.
Learning and Development Opportunities: Microsoft provides personalized, integrated, and relevant views of all learning opportunities on Microsoft Learning and LinkedIn Learning. They also offer frequent promotion opportunities.
Benefits and Rewards: Microsoft develops dynamic, sustainable, and strategic programs that together provide a highly differentiated portfolio to attract, reward, and retain top talent.
Pricing
- Price
- £10.85 a unit
- Discount for educational organisations
- No
- Free trial available
- Yes
- Description of free trial
-
Depending upon the service there are range of trial offerings available.
A free trial of Azure is available at https://azure.microsoft.com/en-gb/free/search/?ef_id=_k_d00f79182b1a1d5b7a5a1f0d4a8f4aaf_k_&OCID=AIDcmm3bvqzxp1_SEM__k_d00f79182b1a1d5b7a5a1f0d4a8f4aaf_k_&msclkid=d00f79182b1a1d5b7a5a1f0d4a8f4aaf - Link to free trial
- https://azure.microsoft.com/en-gb/free/search/?ef_id=_k_d00f79182b1a1d5b7a5a1f0d4a8f4aaf_k_&OCID=AIDcmm3bvqzxp1_SEM__k_d00f79182b1a1d5b7a5a1f0d4a8f4aaf_k_&msclkid=d00f79182b1a1d5b7a5a1f0d4a8f4aaf
Service documents
Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format,
email the supplier at msukservices@microsoft.com.
Tell them what format you need. It will help if you say what assistive technology you use.