4 Azure security features you must know about

Hosting on the Microsoft Azure platform is a fast and simple method to deploy and manage web-based applications. Countless organisations are already enjoying the advantages with rapid adoption seeing Azure revenue growing 98 percent year-over-year (February 2018)1.

However, it’s still critical to secure these apps and servers with the same level of security as you would in an on-premises data centre.

Let’s take a closer look at the two security tiers Azure provides:

  • The Free tier is automatically enabled on all Azure subscriptions and provides security policy, continuous security assessment and actionable security recommendations to help you protect your Azure resources.
  • The Standard tier extends the capabilities to include workloads running in private and other public clouds, providing unified security management and threat protection across your hybrid cloud workloads. This tier also adds advanced threat detection capabilities, which uses built-in behavioural analytics and machine learning to identify attacks and zero-day exploits, plus access and application controls to reduce exposure to network attacks and malware, and more.

In this blog, we’ll explore the four key security capabilities that you need to understand to ensure your Azure deployments are protected:

  • Integrated virtual machine security – Free tier
  • Just-in-time virtual machine access – Standard tier
  • Adaptive application controls – Standard tier
  • File integrity monitoring – Standard Tier

Integrated VM Security

When creating VMs on Azure’s IaaS platform, you’re getting a blank canvas to work with. Enabling Azure’s Security Centre is a smart first step to quickly determine the security posture of your VMs and discover recommended actions and risk mitigations. While you can then ensure you take specific steps to configure security options, having a default security policy that is automatically applied to all new VMs protects you in the event that other teams in your organisation also create VMs without thinking about security.

You can customise that policy as needed to include protections such as what can and can’t run, what ports are open, and what is shut down. It can then be applied to all new VMs without any admin intervention at all.

The security set can also be run across existing VMs to provide detailed insights in to what protection may be missing, what risks there are and any other warnings that you wouldn’t have otherwise known about.

Just-in-Time (JIT) VM Access

As you know, the minute you connect a Public IP address to the internet it comes under brute force attacks. These attacks commonly target management ports like RDP or SSH to try and gain access to the VM.

JIT VM access allows you to limit access to virtual machine management ports. These ports are only opened when you need them and when finished, they’re automatically shut off again, reducing the vector for security attacks.

Adaptive Application Controls

There are two levels of Security Centre access you have with Azure. The default access is already included providing a comprehensive set of capabilities, while an advanced option provides additional machine learning and analytics.

By upgrading to the advanced option, you can use machine learning to recommend applications that should be whitelisted, as well as recommendations for file types such as MSIs and scripts. You can also group VMs based on the similarity of applications running on them making it easy to block unwanted applications and malware.

File Integrity Monitoring

Azure Security Centre is continuously monitoring the behaviour of the registry and configuration files to protect the integrity of your system and application software.

If an abnormal change to the files or strange behaviour is detected, Security Centre will create alerts to the administrator allowing your team to investigate and take remedial action.

Security Centre also integrates with many third-party solutions. For example, Palo Alto’s VM Series Next-Generation Firewall integrates seamlessly providing additional threat detection and unified health monitoring while simplifying deployment.

Azure Active Directory

These integration capabilities also extend to Active Directory. By integrating with a solution like Symantec Web Security Services (WSS), you can set user and group policy rules to manage access and enable rich enterprise-class single sign-on out of the box.

Azure Active Directory also includes a simple step-by-step user interface for connecting WSS, further enhancing the seamless integration.

While these are just a small set of the total security features available in Microsoft Azure, they provide some advanced security capabilities that will complement your existing security solutions. For more information contact Data#3 today.



Tags: Cloud, Consulting, Hybrid IT, Identity Management, Integrated Virtual Machine Security, Managed Services, Microsoft, Microsoft Azure, Microsoft Azure Security Centre, Public Cloud, Ransomware, Security


Subscribe to our blog


Customer Story: A Cisco Firepower Case Study

Cisco Firepower Strengthens Organisational Cybersecurity Defences Objective As a large organisation that places a high priority on IT security to…

Customer Story: Surfers Paradise Surf Life Saving Club

Surfers Paradise Surf Life Saving Club Swells Productivity with Microsoft 365 Efficiencies Objective The Surfers Paradise Surf Lifesaving Club (“SPSLC”)…

Looking beyond the lift-and-shift: Unlock the true power of Azure

40% of organisations say that controlling cloud costs is their top challenge1 when they migrate to public cloud, but done…

Customer Story: A Managed Services Case Study

Managed Services Partnership with Data#3 Breathes New Energy into IT Outcomes Objective After struggling to find a managed service provider…

Customer Story: Glencore Coal Assets Australia

Easy to manage, all-in-one data protection Business Needs With extensive operations across multiple sites and data growth of up to…

Customer Story: Banksia Montessori School

Banksia Montessori School Powers Collaboration with Microsoft 365 Mail Migration Objective Staff at the Banksia Montessori School had a very…

Q&A with the Data#3 Group Security Practice

The Data#3 group Security practice spans a national team of experienced individuals with decades of combined…

Predict and Prevent with Splunk ITSI: 6 Customer Stories

Too many alerts, too little time In Asia Pacific 69%1 of companies receive more than 5,000 threats a day –…