The Free and Easy Way to Secure Your Hybrid Cloud Environment
The free and easy way to secure your hybrid cloud environment!
Cloud adoption is growing, 90% of fortune 500 companies use the Microsoft Cloud (Rightscale 2017). The most common approach is to adopt a hybrid cloud architecture, where services are hosted both on-premise and in the cloud.
Hybrid cloud requires a new approach for security, with your infrastructure being spread out there is a need for increased visibility and control. In legacy on-premise environments, servers were a bit like house plants, easy to monitor (water), and keep alive. In the cloud, compute resources are a disposable commodity that changes rapidly. New solutions are required that can keep up with the pace of change as services dynamically scale
As cloud technology advances, so does the threat landscape. Attacks are becoming increasingly sophisticated; it is critical to leverage analytics and threat intelligence to detect threats quickly. Microsoft Azure Security Center provides unified security management and enables advanced threat protection for hybrid cloud workloads.
It is built into Azure, with no additional setup required. It has a free tier that will automatically discover your azure resources and provide a secure score, as well as free security recommendations to improve your score. It can also be used as a single pane of glass to gain insights for resources running in other cloud environments and on-premise.
It is important to set control standards for the resources being created within your Azure tenant; Azure Security Centre provides centralized policy management. You can define individual security policies for each subscription or apply policy across multiple subscriptions.
Integrated log analytics enable you to quickly identify notable events that require your attention. There is a number of pre-defined events available out of the box, or you can create custom search queries. Results can be exported in your favorite format or pushed into PowerBI. Security Center allows you to ingest security logs from a variety of sources such as third-party firewalls and anti-malware solutions, or from Azure apps such as Azure Active Directory and Azure Information Protection.
The Adaptive Threat Protection element of Security Center enables adaptive protections that will identify and mitigate risk, as well as reduce exposure to attacks. As your resources are added, a small agent will be installed on them automatically. This allows each resource to be continuously assessed based on hundreds of built-in security assessments, there is also the option to create your own. Security Center will make recommendations on remediations for issues that are identified.
Outside of the continuous assessments, there is also the capability to reduce the risk of being impacted by a brute-force attack against your virtual machines. Just in Time (JIT), VM access allows you to lock down ports such as RDP or SSH at the network level. Users with the appropriate role can request access and gain automatic approval for a limited time. The ports will be dynamically opened and then locked down again once the approval time expires.
The real party piece within Security Center is the Intelligent detection and response capability. It uses advanced analytics and the Microsoft Intelligent Security graph to rapidly detect and respond to evolving threats. Whether you are being subjected to a DDoS attack from the perimeter, a suspicious process is executed on a virtual machine, or data exfiltration to a known malicious IP, Security Center has you covered.
You will receive prioritized security alerts that enable you to focus on the most critical threats first. There is an interactive map that allows you to see where in the world attacks are coming from, as well as information on the known objectives, tactics, and techniques attributed to the attacker.
Azure Security Center simplifies managing the security posture of your infrastructure, whether it is in Azure, on-premise, or in another vendor’s cloud. It is free to get up and running, I would highly recommend you check it out and review your secure score and any recommendations to improve it.
Interested in enabling some of the advanced features of Security Center? Ask us how!