security with microsoft azure
Security in IT is important. Security in IT is the matter and the responsibility of everyone, every stakeholders. Not just for security professionals, not just for SecOps. In IT solutions implementation, Security is like UnitTests, IntegrationTests, LoadTests and Monitoring, they are always low priority in the backlog. Something we postpone by thinking “we will do that later, just before going live, in Production” or even worst “it’s not important”… big mistake! You won’t do that later because you will be focused on new features and bug fix…
When implementing any IT solutions we should always have in mind best practices like:
- Reduce the surface of vulnerabilities
- For example: don’t expose publicly the stuffs which don’t need to be publicly accessible.
- Start with least privileges and zero trust approach
- For example: don’t give broad access and roles to user or automation tools, just grant them access to what they need to do.
- Segment the network design
- For example: use Network Security Group (NSG) to segment your infrastructure
Microsoft is taking Security very seriously like you could read with the Microsoft Cyber Defense Operations Center.
The Cyber Defense Operations Center brings together security response experts from across the company to help protect, detect, and respond to threats in real-time. Staffed with dedicated teams 24x7, the Center has direct access to thousands of security professionals, data scientists, and product engineers throughout Microsoft to ensure rapid response and resolution to security threats.
But Security is a shared responsibility, on your end, you could also leverage these resources and learn more about Security at Microsoft, especially with Microsoft Azure:
The Microsoft Cybersecurity Reference Architecture provides an interesting landscape of the Microsoft security products and services:
You will tell me that’s a lot, too much! Where to start in Azure? I recommend starting with Azure Security Center and Azure Sentinel. Give Azure Security Center a try, it’s free to start! And check out your Secure score, what does it tell you? The secret is to start earlier than later and start small. Add quick fix tasks and user stories as security implementations in your backlog. You could also watch this //build 2019 session DIY Azure Security Assessments, it will help you building your own backlog/todo list. You could also have a look at the new Azure Sentinel service, the cloud native SIEM service, very promising. If you are doing Docker and Kubernetes, with Azure Kubernetes Service, you have different concepts and tools to setup, here are 3 pointers for you to get started:
- Azure webinar series- Help Deliver Applications Securely with DevSecOps
- Enterprise security in the era of containers and Kubernetes
- Azure Kubernetes Services: Container Security for a Cloud Native World
- Mark Simos’s list
- Beyond the GDPR
- Security Practice Development
- Get Started With Developing Rich Security Applications
- Stopping threats with WAF at the edge
- DIY Azure Security Assessments
Do you want to practice with those tools and services? Do you want some hands-on experience? Here you are with those workshops, labs & trainings:
- Microsoft CISO Workshop
- How to Effectively Perform an Azure Security Center PoC
- Microsoft Cloud Workshop - Security baseline on Azure
- Microsoft Learn - Secure your cloud data Learning Path
- Microsoft Learn - Security, responsibility and trust in Azure