You can review audit reports and compliance-related information for azure services from
Microsoft Azure Security Best Practices for 2021Because there is such a wide variety of Azure services, no one-size-fits-all security “recipe” will ensure you’ve optimized your security posture. However, as you break down the different aspects of Azure to more specific categories, you’ll discover actionable best practices you can implement. Let’s look at those categories and the resulting Azure security best practices. Show
But First, the Prerequisites: The Shared Responsibility Model and Principle of Least PrivilegeBefore you dive into specific Azure security best practices, be sure you understand the basic security paradigm on the platform: Azure’s shared responsibility model. In short, the shared responsibility model means Microsoft is responsible for security of the cloud, while you’re responsible for security in the cloud. The demarcation point between the two varies depending on the specific product type. For example, with a SaaS app, Microsoft is responsible for operating system security. However, with an infrastructure-as-a-service (IaaS) product, you’re responsible for operating system security. Understanding where that dividing line lies for your Azure infrastructure is a must. Additionally, in all cases, you should follow the principle of least privilege. While how you implement the principle of least privilege will vary depending on your workloads and apps, the idea stays the same: grant users, devices, apps, and services only the access they need and nothing more. For example, with an Azure database, as opposed to granting everyone read access to the entire database, you can and should use row-level security to restrict access down to database rows. Azure security best practices checklistWith the prerequisites out of the way, let’s dive into the checklist. We’ll take a look at individual aspects of Azure and provide specific actionable items your team can audit against. Encryption and data securityData breaches are one of the biggest threats to your security posture. Therefore, getting your encryption and data security right is a must. This checklist will help you make sure you’re on the right path, and applies to any area of Azure that consumes, transmits, or stores sensitive data.
Storage and database securitySecuring your databases is a critical element of your overall security posture. Additionally, in many cases it is a must from a compliance perspective. Here is where you should start with database security in Azure.
Workloads and Virtual Machine ProtectionThis section of our Azure security best practices checklist deals with virtual machines and other workloads. There are a few other best practices that will help you to protect your resources in Azure:
Cloud Network SecurityNetwork security is an important aspect of keeping your Azure workloads secure. Here are the Azure security best practices to keep in mind for your cloud networks:
ComplianceMaintaining compliance is one of the most important aspects of security in the Azure cloud. Here are our recommendations to help you do just that.
Improving Azure Security with The Check Point Unified Cloud Security ApproachAs you can see, a lot goes into achieving security in the Azure cloud. To help enterprises streamline the process and implement cloud security best practices at scale, we developed the Check Point Unified Cloud Security Approach. Based on the principles in that unified approach, Check Point CloudGuard is the ideal tool to help you implement these cloud security best practices. To learn more about Azure security and how Check Point can help you, download the free Achieving Cloud with Confidence in the Age of Advanced Threats whitepaper where you’ll learn:
Alternatively, if you want to evaluate your current cloud security posture, sign up for a free security checkup. After the checkup, you’ll receive a comprehensive report detailing items such as number of malware infections, threats to endpoints and smart devices, bot attacks and intrusion attempts, use of high-risk applications, and loss of sensitive data. Where can you go to check the regulatory compliance of your organization's Azure environment?In the Azure Security Center regulatory compliance blade, you can get an overview of key portions of your compliance posture with respect to a set of supported standards.
How do I check my compliance in Azure?To check the compliance offerings status:
Sign in to the Azure portal. Navigate to Defender for Cloud > Regulatory compliance. Select Compliance offerings.
Which portal should you use to view the audit and assessment reports?The Microsoft 365 Security & Compliance Center, Microsoft 365 Defender portal, and Microsoft Purview compliance portal are one-stop portals for protecting data in your organization, and they include many auditing and reporting features.
Where can you go to see what standards Microsoft is in compliance with?Within the Microsoft Compliance center, you can view your organization's compliance score.
|