What do you know of Security in Azure? |Azure Security Practices ☁️

By Hansindu Maniyangama. Published in InfoSec Write-ups. 5 min read. Mar 10, 2021

Let’s look at the problem: what are we really trying to secure when we talk about Azure? 🤗 The best way to look into these problems is to see them from the attacker’s point of view. First of all, it is important to know what attackers can buy on the Dark Web.

An attacker can be hired to do all the work.

A ransomware kit can be bought. These are probably for new folks who have just started out as criminals/attackers.

Compromised smartphones and PCs are still available. PCs are very cheap compared to the others, while handheld devices cost more on average.

Spear phishing can be hired to take over someone’s account, but it’s pretty pricey.

Stolen credentials, including usernames and passwords, are very cheap to find on the Dark Web. Users choosing weak passwords such as birthdays and ID numbers has led to attackers stealing them easily and selling them on dark sites. 🥺🥺

One of the main things is Denial of Service, which can bring down a website.

So, what security capabilities does Azure have to keep its customers safe from the above?

Native threat detection, including a native cloud-based SIEM (Azure Sentinel).

XDR (extended detection and response), which is based on EDR (endpoint detection and response).

This is native threat detection with high-quality alerts, response and investigation.

Azure helps organizations secure all kinds of assets that could be exposed to an attack: Azure, Azure AD, Windows, Linux, Android, iOS, and also operational technology.

Collect cloud-based data from all customers, computers, software, and networks, both on-site and across various clouds.

Rapid response to events, with integrated orchestration and automation of routine tasks.

Detect previously discovered risks and minimize false positives leveraging Microsoft analytics and unmatched threat intelligence.

Passwordless and Multi-factor Authentication (MFA)

This is an area that we should be more worried about. Why do we want to get rid of passwords? Users hate them: they’re hard to recall, and they’re reused everywhere. It is not only users who dislike them; IT managers often dislike them for the same reasons, and password resets cost a great deal. And who’s in love with these passwords? Hackers. More than 75% of data breaches last year involved weak, default, or compromised passwords.

Image from https://www.microsoft.com/en-us/security/business/identity-access-management/passwordless-authentication

Thus, Multi-Factor Authentication (MFA) 🔐 is a perfect way to reduce the impact of these passwords. It adds easy-to-use challenges on top of the password, but those challenges are still vulnerable to man-in-the-middle and phishing attacks.

So, Microsoft is bringing three different approaches to help users keep their identity protected, giving users more options with standard passwordless authentication.

Windows Hello

✔️It’s Microsoft’s premier passwordless experience. With it, the user can use either a simple PIN or a biometric gesture (facial recognition or fingerprint scan) to log in to their computer instantly.

Microsoft Authenticator


✔️This is an experience where users who have already registered the authenticator with MFA push notifications can simply upgrade their account in the app and have a full passwordless experience.

FIDO2 Security Keys🔑


✔️This is a standards-based passwordless authentication method that uses two common protocols:

✨WebAuthn

✨CTAP

These open standards allow innovative offerings from partners, serving a broad range of user needs. These security keys most commonly come in a USB or NFC format.

Journey to go passwordless => Start small 😊

  • Enable Azure Active Directory
  • Allow Azure Multi-Factor Authentication and Self-Service Password Reset for all users.
  • Identify and update apps to allow AAD authentication
  • Think about your hardware & devices.
  • Start with a Pilot

Native firewall and network security🐱‍💻

Users can secure the edge of their network by using an Internet inverse firewall as a service. It is quick and convenient to customize, with a lot less complexity, and it helps you get up and running with that protection sooner.


Organizations have a range of security requirements. In certain situations, the same company can have different protection standards for different settings.

Many Azure customers think that the Azure Firewall feature set is a good match, and it offers several key advantages as a cloud-based native managed service.

What kind of high-level features does Azure Firewall provide? 👇

  • Network Address Translation (SNAT + DNAT)
  • FQDN filtering (no SSL termination)
  • Built-in HA with unrestricted cloud scalability (auto-scales as traffic grows)
  • Full logging, including SIEM integration
  • Integrated monitoring and management, with a zero-maintenance cloud service model.

(Extracted from Azure Firewall versus Network Virtual Appliances — Feature comparison)

What are the other Azure security practices?

  • Encrypt data at rest and in-flight
  • Restrict access to your database
  • Restrict access to your VMs
  • Protect your application secrets
  • Use a separate Azure subscription for production
  • Implement a web application firewall
  • Use Azure Security Center

That’s all folks, hope you enjoyed and hope you all got something from my blog.❤️

Thank you, everyone for all the claps and responses!

👉👉Happy Hacking! 😷Stay safe!👈👈
