Last November Microsoft rolled out an update to SharePoint Online, part of Office 365, that enabled users to leverage BCS connections to consume and work with data that doesn’t live inside SharePoint Online. Unlike an on-premise deployment, the only BCS option available to users is to create external content types that connect to WCF services using the declarative only approach.
This differs from an on-premise deployment which external content types can also be connected to databases or be deployed as a .NET Assembly Connector. One challenge with this approach is the WCF service you’re connecting to can’t be secured… it’s wide open. Not great for an enterprise.
However Steve Fox has put up a blog post showing how to secure the service hosted in Windows Azure and consume this secure service with BCS in SharePoint Online. A great read!