G ‘day, I am Vic Perdana, Sr. PFE based in Melbourne, Australia.
As COVID-19 forces people to work from home, the number of bad actors is ramping up as demonstrated by the increase of cyber-attacks globally, it is becoming *very* important to educate ourselves with ways we can protect our IT assets from being compromised.
IT Security is no longer a responsibility of the Security team but is everyone's responsibility. Moreover, as an IT engineer we have unprecedented responsibility to ensure that our system is secure especially as we expand our footprint to the cloud. I often get asked, how secure is cloud? And as you know the answer is "it depends" on how much investment you're willing to make to ensure it is secure. In Azure, we provide tons of security features, but not all customers are aware of these and this is the very reason this offering was created.
The Offering Overview
Within Microsoft Services, we provide a variety of support offerings which educate customers on several Azure Security-related features, and here the focus is our WorkshopPLUS Azure Security Best Practices.
The workshop introduces pivotal security controls to kickstart and improve your security journey in Azure. WorkshopPLUS designation signifies that hands-on labs will be part of the delivery experience. This enables you to implement various security concepts learned from Premier Field Engineer (PFE) knowledge sharing sessions and equips you with practical experience in a lab environment.
The content of this offering is a mix of governance, administration and security best practices at a L200-300 level which focuses on the breadth of Azure security topics.
Azure Security Foundation
This module sets up the context of cloud security and not only applicable to Azure. Many customers may have a misconception cloud is not secure or the opposite, by moving to the cloud we are automatically secured. We will revisit the basic security concepts that are applicable to both on-premises and cloud environments plus a review of the shared responsibility concept of cloud security.
Bruce Schneier famously mentions "security is a process, not a product" and here's why you will examine this further by emphasizing that onboarding the whole organization in the security journey (the process) is a mandatory pre-requisite for a successful impact of configuring security services (the product). You will be introduced to relevant security components related to Azure Governance such as Subscription Management, Role-Based Access Control (RBAC), Azure Policy, Blueprints.
Azure Identity Protection
Identity is the modern security perimeter; hence, it is vital to understand the security controls and features available in Azure to secure our identity both on-premises and in the cloud. That’s why we start the module by revisiting our Securing Privileged Access (SPA) roadmap as it is still applicable when you go to the cloud.
Next, you are introduced to Azure advanced protections such as Conditional Access, Identity Protection, and various Azure Active Directory identity governance services which includes Access Reviews, Privileged Identity Management, and Entitlement Management.
Azure Network Security
As we extend our IT footprint to the cloud, our assets will no longer be within the perimeter of our data center.
In this module you will be introduced to modern network security controls and features in Azure that will allow you to extend and connect your on-premises networks securely, such as Express Route, DDoS protection, Azure Firewall, Network Security Groups, WAF, and much more.
Azure Data Protection
As Security professionals, protecting data is ultimately our objective; hence we will spend quality time in educating our customers on fundamental Azure services that will help with our mission to protect data. Azure Key Vault is one of the core services which will be discussed including how we can leverage this effectively in a Business as Usual (BAU) setting. We will also walkthrough features to secure services our customers use to store their data e.g., Azure Storage, Azure SQL, and Azure Information Protection.
This module demonstrates the use of Key Vault in a Web App coupled with Managed Identity. Deployment acceleration method with DevOps is widely used, we will cover the importance of embedding security in a DevOps process using Secure DevOps Kit.
This is the module where we put things together and provide practical information related to our flagship Security services in Azure: Azure Security Center and Azure Sentinel. We will also cover relevant technologies supporting these Security features such as Log Analytics, Activity Logs, and Azure Monitor.
This is a 3-day delivery (onsite or remote) led by an accredited Premier Field Engineer (PFE). While we focus on the breadth of Azure security topics, we will be discussing implementation areas that provide highest impact to your organization.
Pre-engagement scoping call to highlight the overall engagement, including pre-requisites for a successful delivery.
Knowledge Transfer and labs sessions
Azure Security Foundation
Azure Network Security
Virtual Machine Security
Wrap up with a top 10 Azure security best practices
*For a closed workshop, there is an option to focus on some parts of the topics, but this needs to be agreed in advance as part of a scoping call.
Cybersecurity is a hot topic and there is no single product or a quick fix (band-aid) that can be applied to address security challenges. This recent post from our National Security Officer highlights the importance of keeping our security hygiene in check.
Taking up this offering is a great start to kickstart and boost your security journey as you extend your IT footprint to the cloud.
What are you waiting for, ask your TAMs to reserve a spot! :)
As of this writing, the above modules are in scope, however, they are subject to change as Azure Security offerings and the offering evolve responding to customers feedback.