Latest Posts

Azure Security Best Practices

This post summarizes some collected best practices from online for Microsoft Azure Security. 

Azure Security Technologies

EMS- Licensing Details  - E3 vs E5


Technologies

Threat Protection

  • Exchange Online Protection
  • Office 365 Advanced Threat Protection (Protection for email, Office clients, Sharepoint Online, OneDrive for Business, Microsoft Teams)
  • Office 365 Threat Intelligence (from user accounts, Attacks, Phishing, Enterprise security, System updates, Denial of service, Spam, User log-ins, Malware, Device Log-ins, Data Encryption, Unauthorized data access, MFA)
Information Protection
  • Data Loss Prevention
  • Office Message Encryption
Security Management
  • Security & Compliance Center
  • Microsoft Cloud App Security
  • Secure Score
Compliance Solutions

  • Advanced Data Governance (enables customers to achieve organizational compliance by intelligently leveraging machine assisted insights to find, import, classify, set policy and take actions on the data that is most important to them)
  • Advanced eDiscovery
  • Compliance Manager - GDPR-Compliance Manager Tool
  • Customer Lockbox
  • Secure Assurance

Other Security Tools

  • CASB
  • SIEM
  • MDR

Azure Security Features:






Office Malicious Content Detection




Shared Responsibility model for cloud security


1  AWS - Shared Responsibility Model


2  Azure: - Shared Responsibilities for Cloud Computing




3  CIS: Shared Responsibility for Cloud Security: What You Need to Know


Sources:
1. Microsoft Azure, https://docs.microsoft.com/en-us/azure/security/fundamentals/shared-responsibility
2. Amazon Web Services, https://aws.amazon.com/compliance/shared-responsibility-model/



Azure Security Reference Model



1  Reference Design - Azure Administration Model




2  Best practices and tips to secure your hybrid cloud environment



2  Best practices - Identity & Access Management

  • Centralize Identity management. Designate a single Azure AD directory as the authoritative source.
  • Enforce SSO and Multi Factor Authentication.
  • Leverage Azure RBAC with Privileged Identity Management.
  • Actively monitor for suspicious activities using AAD anomaly reports.
  • Use Azure AD for storage authentication.






3  Best Practice - for Azure Storage

Advanced Threat Protection for Azure Storage
Alerts on anomalous access & potential data exfiltration
Investigation & remediation guidance
Alerts in Azure Security Centor

Note: Advanced Threat Protection for Storage Alerts


4  Best practices — Apps and Data security
Leverage Key Vault to store cryptographic keys and secrets. Control access through RBAC
Manage Azure Key Vault access at Management plane and Data plane
Encrypt data and rest and dbta in transit. Use client-side encryption for high value data
Leverage Advance Data Security (ADS) for Azure SQL
Leverage Azure Security Center to identify assets that do not have encryption at rest enabled


5  Best practices — Network Security
Adopt a Zero Trust approach
Control routing behavior and avoid implications of default routes
Disable RDP/SSH Access to virtual machines over internet
Choose whether to use Native Azure Controls or 3rd party Network Virtual Appliances (NVAs) for
internet edge security (North-South)
Simplify NSG rule management by defining application security groups (ASGs)







6  Protect Linux and Windows Servers from Threats

Best practices:
  • Reduce open network ports
    • Use Just-in-Time VM to control access to commonly attacked management ports
    • Limit open ports with adaptive network hardening
  • Block malware with adaptive application controls
  • Protect Windows servers and clients with the integration of Microsoft  Defender ATP and Linux servers




7  Protect your workloads from Threats - Use industry's most extensive threat intelligence to gain deep insights
Best Practices:
  • Detect & block advanced malware and threats for Linux and Windows Servers on any cloud
  • Protect cloud-native services from threats 
  • Protect data services against malicious attacks
  • Protect your Azure IOT solutions with near real time monitoring
  • Service layer detections: Azure network layer and Azure management layer (ARM)




Modern security operations and threat protection

Modern security operations and threat protection with Azure security center and Azure sentinel

Security Posture management with Secure Score

  • Gain instant insight into the security state of your cloud workloads
  • Address security vulnerabilities with prioritized recommendations
  • Improve your Secure Score and overall security posture in minutes
  • Speed up regulatory compliance










References







No comments