Jul 28 2021 04:30 PM - edited Jul 28 2021 04:31 PM
Jul 28 2021 04:30 PM - edited Jul 28 2021 04:31 PM
Microsoft Azure: Importance of security and securing your platform
COVID-19 crisis accelerated the demand of cloud computing and has turned cloud into an essential service for many organizations. It helps them not only save technology costs but also to seamlessly manage their operations remotely by creating virtual workspace, managing workforce, storing crucial data, supporting various other workloads and operate at scale.
With the rapid adoption of cloud like Azure, AWS and GCP the threat environment has evolved.
Security threats are constantly evolving, and cloud computing is no less at risk than an on-premise environment. Businesses face many challenges with securing their datacenters, finding the security experts, using many security tools, and keeping pace with the volume and complexity of threats. Hackers can access the structured and unstructured data stored on the cloud from anywhere.
Every company should be monitoring closely in the coming months is cloud security. Organizations need a single pane of glass to gain visibility and define consistent security policies and setup processes to protect cloud computing environments, applications, data, and information to remain secure and ensure that data privacy and compliance requirements are met. Cloud security involves rules securing cloud environments against unauthorized use/access, distributed denial of service (DDOS) attacks, hackers, insecure interfaces, malware, and other risks. The first step in securing Azure environment is to find the area of scope to assess and protect.
Cloud security begins with a Cloud Assessment. Some of the key areas of focus are:
Identity and Access Management (IAM)
Roles in Azure AD
Restrict the administrator access
limit subscription owners
Policies for access
Account Structure and Governance
Azure Virtual machine and related configuration
Network Access control
Secure remote access
Azure DDoS protection
Data collection and storage
Storage service encryption
Azure Storage Analytics
Azure Storage Shared Access Signatures
Azure Storage Account Keys
Threat intelligence monitoring
Threat protection and remediation
There are various benefits:
· Centralized security
· Low cost
· Low latency
· Reduced administration
· High Availability
· Response Time
· Data security
· Regulatory Compliance
· Gain visibility
· Find misconfigurations
Microsoft has various built in Azure services integrating security that help you protect your data, resources, implement policy compliance, conduct vulnerability, and meet the security needs of your business.
· Azure Sentinel: Security information and event management (SIEM) tool based on AI to analyze to detect incidents and threats and protects all cloud-based data, information, and on-premises apps intelligently. Azure Sentinel can collect data from all sorts of data sources and 3rd party connectors.
· Azure Security center: Azure Security Center (ASC) is a service on the Azure Portal which helps you protect your Azure resources BY strengthening the security posture of your data.
· Azure Key Vaults: Azure Key Vault is a cloud service that provides a secure store for secrets, protect Passwords, Connection Strings, Secrets, Data encryption/decryption keys uses by cloud applications and services.
· Azure Advisor: Advisor is a personalized cloud dashboard that helps you follow best practices across azure resources and optimize azure resources for cost effectiveness, performance, high availability, and security of your Azure resources by providing personalized recommendations.
· Azure Monitor: It is a native monitoring solution and collecting logs and metrics in the background from all the azure resources. Azure monitor provides capabilities to create alerts, monitor performance, troubleshoot issues, and create dashboards for visibility of the whole azure tenant.
· Azure Service Health: Azure Service Health provides personalized alerts and guidance when Azure service issues affects. It helps you stay informed and act, with alerts for outages and a personalized dashboard for service issues.
· Log Analytics: Log Analytics is a tool in the Azure portal used to edit and run log complex queries for any sort of log data including custom data by Azure Monitor Logs and interactively analyze their results
· Application Insights: is an extensible Application Performance Management (APM) service which provide a customized monitoring experience for Azure services. Application Insights is aimed at the development team, to help understand how app is performing and how it’s being used.
Azure provides rich set of solutions and resources and implementation options that all affect the security of infrastructure, applications, and stored data. Organizations need to understand cloud security, when implementing these security tools, security best practices such as encryption, authentication, right configuration of the services and various other factors need to be considered to secure the cloud environment.
Azure offers security, monitoring, and automation services that help users to run services and store data securely but expects users to follow best practices via various azure security tools.
Azure Security Assessment is important to make sure that Azure architecture and implementation against Microsoft’s recommended security best practices are configured correctly to protect the cloud environment and do not possess immediate risks to the organization.
Securing your environment helps in :
-Provide confidence that the customer data and resources are adhering to security and regulatory requirements.
-migration of a system or data to the cloud and ensure it will not introduce new or unidentified risks into your cloud environment.
-Recommend actions to remediate areas that do not comply with security best practices
-Plan and manage the end-to-end assessment process with defined standards and deliverables
-Help the customer understand the risks
-Educate the cloud administrators