Our Azure products and services come with comprehensive security features and configuration settings. They are mostly customizable (to a point), so you can define and implement a security posture that reflects the need of your organization. But adopting & maintaining a good security posture goes far beyond turning on the right settings.

Mark Simos, lead Cyber security architect for Microsoft, explored the lessons learned from protecting both Microsoft's own technology environments and the responsibility we have to our customers, and shares the top 10 (+1!) recommendations for Azure security best practices.

Here's the list:

1. People: Educate teams about the cloud security journey

2. People: Educate teams on cloud security technology

3. Process: Assign accountability for cloud security decisions

4. Process: Update Incident Response (IR) processes for cloud

5. Process: Establish security posture management

6. Technology: Require Passwordless or Multi-Factor-Authentication

7. Technology: Integrate native firewall and network security

8. Technology: Integrate native threat detection

9. Architecture: Standardize on a single directory and identity

10. Architecture: Use identity-based access control (instead of keys)

11. Architecture: Establish a single unified security strategy

Read the full article