I doubt that's the case. I've been working in/near enterprise sales for quite a while now. Security is considered unglamorous table-stakes: companies won't buy your stuff because you're doing all the right things, but they'll definitely not buy your stuff if you're not.
Giant products like AWS and Azure are too big to grill about their security controls. If you try to ask an AWS rep about something, they'll direct you to their security portal where you can download a SOC2 report and a few other things. That's about all you'll get from them unless you're equally huge. The most you can really go by is their reputation. If you trust AWS, buy their product. If you don't, don't. That's all the prior research a typical < 10,000 employee business can possibly do.
My suspicion is that your friend is only talking to clients who've vetted Azure and figured "it's Microsoft: they're big so they probably know more about it than I do". It's not that they don't care. It's that there's nothing they can do about it. The people who don't already trust Azure would never have gotten as far as talking to your friend in the first place.
Giant products like AWS and Azure are too big to grill about their security controls. If you try to ask an AWS rep about something, they'll direct you to their security portal where you can download a SOC2 report and a few other things. That's about all you'll get from them unless you're equally huge. The most you can really go by is their reputation. If you trust AWS, buy their product. If you don't, don't. That's all the prior research a typical < 10,000 employee business can possibly do.
My suspicion is that your friend is only talking to clients who've vetted Azure and figured "it's Microsoft: they're big so they probably know more about it than I do". It's not that they don't care. It's that there's nothing they can do about it. The people who don't already trust Azure would never have gotten as far as talking to your friend in the first place.