Tech Talks are a weekly opportunity to learn how to do more, and do it securely with your cloud software and services. Each week, we host a short talk from a subject matter expert, followed by a community driven Q&A where Agile IT’s clients can ask our engineers any of their most pressing questions. This is a free service for our clients. August 2nd’s Tech Talk featured Rich Carlsen, a Microsoft Solutions Architect who provided a helpful overview of getting started using Azure Security Center to protect your cloud and on-premise assets.Security in the Modern Workplace? ---------------------------------
Security is a broad area, it covers almost every aspect of the work place, from when we walk in through doors, sit at our workstations, and send files. Thankfully, there are some cool things happening with Azure that allow us to expand security in new and powerful ways.
Security is as easy as A..B..C…
Get started quickly using intelligent and available Azure Security Services
- Azure Security Center
- Azure Backup
- Azure Site Recovery
Azure offers enterprise grade management
- Configure - Update management, scripting automation and configuration
- Govern - Policy and cost management
- Secure - Security Management and Threat Protection
- Protect - Backup and disaster recovery
- Monitor - App, infrastructure and network monitoring, log analytics and diagnostics
Azure Security Center
Azure Security Center is best described as a collection of best practices brought together in a single software solution. By taking the lessons learned that secure Microsoft’s own data centers, and building it into a platform with a compelling and easy to use interface, Azure Security Center gives any business access to world-class enterprise security. Additionally, the Azure mobile app gives you anywhere access to your resources, so you can monitor their heath, get alerts, fix issues and even execute cloud shell commands from any mobile device.
Business Continuity Strategy
There are three main parts of a Business Continuity Strategy:
- High Availability - Maintaining acceptable continuous performance despite temporary failures in services, hardware, data centers or fluctuations in load.
- Disaster Recovery - Protection against loss of an entire region through asychrnous replication and failover of Virtual Machines to another cloud regions using Azure Site Recovery
- Backup - Replication of data to one or more zones or regions so if your datta is corrupted, deleted or lost you can restore it.
Azure Security Center Demo
Rich began the demo in his personal Azure sandbox, where he works to try new ideas, resolve client issues, and learn new techniques. As such, he has dozens upon dozens of instances which have not had any security policies implemented.
From the Azure Security Center Overview page, you can immediately see your policy and security hygiene status in easy to read charts that show you the heath of all your resources.
Getting Started: There is a easy to find tab for “getting started” in Azure Security Center that provides guided wizards for:
- Configuring Security Policy - Customize the security policy for your Azure subscriptions according to your company security needs and the type of applications or sensitivity of data. Enable automatic collection of security configurations and logs for analysis and choose the security controls you want to monitor and recommend.
- Complete Recommendations - View a list of security recommendations, such as enabling Endpoint Protection on virtual machines, defining a Network Security Group for subnets and network interfaces, applying encryption for SQL databases and more. Click to resolve the recommendation or learn more.
- Understanding Your Security Health - View the security state of all your Azure resources, including your virtual machines, networks, SQL databases and more. Quickly identify security vulnerabilities and click to take action or learn more.
- Getting Alerted to Security Threats - View the security state of all your Azure resources, including your virtual machines, networks, SQL databases and more. Quickly identify security vulnerabilities and click to take action or learn more.
- Learning More - Additional Azure security documentation, a support forum, and the official Microsoft Planning and Operations Guide
Events: The events tab provides a log of anomalous health and security events in Azure. Recommendations: The recommendations tab in Azure Security Center is probably the best place to start if you are taking a first go at securing your Azure instances. In the recommendations tab, you will find a list of security recommendations ranked by severity. These range from suggestions to apply disk encryption to giving notices where virtual machines need rebooting after patching. Clicking on any recommendation then takes you to a page that identifies the threat in more detail, provides remediation steps to correct the vulnerability, and shows you which of your instances are affected.
Compute and Apps: The compute and apps tab, under resource security hygiene shows you the same recommendations, however you can break down the reports by groupings of VMs and Computers, Cloud Services and App Services.
Networking: In addition to covering virtual machines, Azure Security center can identify and give remediation advice for your virtual networks. The networks tab provides a visual display of your networking topology and shows vulnerable end points.
Storage: Just as it does for virtual machines, apps and networks, Azure security center provides overview and security implementations of cloud storage, including virtual drives and databases.
On-premises Alternative to Azure Security Center
Even if you are not on Azure, Microsoft systems center provides much of the same functionality as Azure Security Center but has a number of drawbacks.
- Huge implementation requiring dedicated servers and domains
- Independently maintained security
- Imposing learning curve, requiring an IT infrastructure unit
- High license costs (Azure Security center is free, but advanced capabilities, including on-premises protection are available with better licensees)
Azure Security Center for Managing On-Premises Systems
Azure security center works well in hybrid environments. Agents can be installed on local machines and networks to monitor and protect on-premise systems, as well as assets running on AWS and Google Cloud.
Compliance in Security Center
Microsoft has 79 pre-created compliance policies that can be implemented into Azure including GDPR, HIPPA, PCI DSS, FedRAMP High, FINRA, and ISO 27001. Once set-up, Azure Security Center will provide overall policy compliance scoring right in the Security Center Overview.
Get A Demo of Azure Security Center
If you are interested in understanding how you can implement Azure Security Center in your business, or how to take better advantage of an existing license, feel free to schedule a call with one of our Cloud Solution Advisors. Agile IT offers Demos, Workshops, Proof of Concepts and fully managed Azure services to meet your business needs.