Diligence in security implementation for your Microsoft Azure resources is critical. Here are just a few of the ways you can quickly improve your security posture in Azure:
Use Security Policies
Not only can you define policies for your entire Azure subscription, you can also tailor them for each resource group based on your company’s security requirements or to the sensitivity of the data. Different resources may have different security requirements, such as applications with Personally Identifiable Information, so they may require a higher level of security. Resource groups can inherit security policies from the subscription level or be unique. Being proactive is key with security, so visit the security center and start to define those policies. Two things to consider:
- “Data collection” enables data collection for a security policy, which provides daily scanning of all supported virtual machines for security monitoring and recommendations and collection of security events for analysis and threat detection.
- “Show recommendations for” allows you to choose the security controls that you want to monitor and the recommendations that you want to see based on the security needs of the resources within the subscription.
Use Security Recommendations
It’s easy to get started with your security implementation using the recommendations provided in the Security Center. The tool analyzes the security state of your Azure resources to identify potential security vulnerabilities and gives you a list of recommendations to guide you through the process of configuring needed controls. For example, a recommendation might be provisioning anti-malware to help identify and remove malicious software or configuring network security groups and rules to control traffic to VMs. To begin, click the “Recommendations” tile for the list of recommendations. Click each recommendation to view additional information or take action to resolve the issue.
Check Resource Health
The “Resource Security Health” tile shows the overall security posture of the environment by resource type including, but not limited to, VMs and web applications. By selecting a resource type, you can view more information, including a list of any potential security vulnerabilities that have been identified, allowing you to take action.
Act on Security Alerts
When threats are detected, a security alert is created. The Security Center automatically collects, analyzes, and integrates log data from your Azure resources, the network, and partner solutions like anti-malware programs and firewalls so that when threats are detected, a security alert is created. From brute force attacks to communicating with malicious IP addresses, security alerts will display a list of prioritized alerts. Selecting an alert shows more information about the attack and provides suggestions for how to remediate it.
There you have it. Four quick security wins for Azure!