{"id":8437,"date":"2023-04-17T08:00:18","date_gmt":"2023-04-17T15:00:18","guid":{"rendered":"https:\/\/www.microsoft.com\/insidetrack\/blog\/?p=8437"},"modified":"2023-06-30T13:19:23","modified_gmt":"2023-06-30T20:19:23","slug":"simplifying-compliance-evidence-management-with-microsoft-azure-confidential-ledger","status":"publish","type":"post","link":"https:\/\/www.microsoft.com\/insidetrack\/blog\/simplifying-compliance-evidence-management-with-microsoft-azure-confidential-ledger\/","title":{"rendered":"Simplifying compliance evidence management with Microsoft Azure confidential ledger"},"content":{"rendered":"
The Microsoft Digital Employee Experience (MDEE) team is using Microsoft Azure confidential ledger to create a centralized evidence store to streamline auditing needs. This evidence store enables teams from across Microsoft to store records and data related to regulatory compliance in a single location. A single collection point simplifies evidence storage for developers and compliance managers, and it also provides a single access point for auditors.<\/p>\n
Microsoft Azure confidential ledger gives the team a head start on managing evidence records. Based on a permissioned blockchain model, Azure confidential ledger offers unique data-integrity advantages, including immutability, making the ledger append-only and tamper proof. This structure helps ensure that all records are kept intact.<\/p>\n
In our environment, proving that some action occurred, or piece of data existed can be difficult, especially after some time has passed. The solutions we\u2019re building around Azure confidential ledger provide an attested, reliable source of truth for our teams to use for compliance-related data.<\/p>\n
\u2014Martin O\u2019Flaherty, principal PM manager, Microsoft Digital Employee Experience<\/p>\n<\/blockquote>\n
The confidential ledger runs exclusively on hardware-backed secure enclaves, a heavily monitored and isolated runtime environment that keeps potential attacks at bay. No one is above the ledger, not even Microsoft. Azure confidential ledger runs on a minimal trusted computing base (TCB), which prevents access to ledger service by developers, datacenter technicians, and cloud administrators.<\/p>\n