
What’s New with Azure Security 

Cloud | Posted on November 8, 2019 by Akshay Nikam

Cybercrime is happening all around us. If you haven’t been affected, it’s not a question of “if” but “when.” Organized crime syndicates or script kiddie hackers employ sophisticated tools to generate profit or cause reputational damage. Nation-state actors leverage hacking to further political or economic agendas. The threats we see today are not new, but the level of sophistication has reached new heights.

“The World Economic Forum estimates the economic value destroyed by cybercrime attacks at $3 trillion.”

In 2016, US businesses lost $1.8 million on average to spear-phishing attacks. Given these threats, we have compiled a few recent announcements from Microsoft on how they’re helping customers take an intelligent approach to preventing, detecting and responding to such events.  

Microsoft’s Azure Sentinel Security Information and Event Management (SIEM) is now commercially available 

SIEM provides real-time analysis of security alerts generated by applications or network hardware. Just recently, Microsoft took its SIEM, Azure Sentinel, out of public preview and into General Availability (GA). SIEM products have been in the market for a long time now. But even now, SecOps teams find it difficult to prioritize threats and show a clear call to action. Moreover, a shortfall of 3.5 million security professionals by 2021 will further increase these challenges.

Below are a few ways Azure Sentinel helps with cloud-native security operations: 

Collects data across your enterprise   

The Azure Sentinel SIEM collects security data through built-in connectors, native integration with Microsoft products and standard industry log formats like Common Event Format (CEF) or Syslog. It’s also possible to import Microsoft 365 data for free and combine it with other security data for analytics. Azure Sentinel connects to other popular solutions like Palo Alto Networks, F5, Symantec, Fortinet and many more.

 AI to analyze and detect threats quickly  

It would be impossible for a person to sift through daily security alerts and correlate them across different products. Azure Sentinel’s scalable machine learning algorithm helps you quickly connect the dots. Combining this data with other solutions helps you better understand the kind of behavioral data that provides visibility into an entire attack sequence.

Automate common tasks and threat response 

With Azure Sentinel, the need to keep solving the same problems disappears. Built-in automation with custom playbooks solves repetitive tasks and responds to threats quickly. 

Azure Bastion available in Preview 

Many organizations struggle to secure the connection to their Virtual Machines (VMs) on virtual networks (VNets) from the outside. Azure Bastion is a fully managed Platform as a Service (PaaS) offering that provides secure and seamless Remote Desktop Protocol (RDP) and Secure Shell (SSH) access to your VMs directly through the Azure portal.

Limit Public Exposure of Virtual Machine IPs 

Access all VMs within a VNet through a single hardened point. Making the Bastion host the primary publicly exposed access point helps lock down public internet exposure and limits threats such as port scanning and other types of malware targeting your VMs.

Connect to VMs over SSL 

Connect to VMs in your VNet over SSL, port 443, directly in the Azure portal. The RDP/SSH connectivity helps you to connect from any device, any platform and at any time. This needs no additional agent to run inside your virtual machines.

A fully managed service 

As a PaaS service, Azure Bastion is fully managed, which means it has autoscale and hardened features. It provides an integrated, automated way to manually deploy and manage jump servers to shield your VMs.

“The industry median time to detect an attacker on a victim’s network is 140+ days.”

Security Stack Partner Ecosystem 

The CipherTrust Cloud Key Manager solution by Thales is now available on Azure Stack Marketplace. This works with Azure and Azure Stack “Bring Your Own Key” (BYOK) APIs to enable key control. The solution creates Azure-compatible keys from the Vormetric Data Security Manager that can offer up to FIPS 140-2 Level 3 protection. Customers can upload, manage, and revoke keys, as needed, to and from Azure Key Vaults running in Azure Stack or Azure.

Azure delivers multiple layers of security, from the secure foundation in its physical data centers to its operational practices to engineering processes that follow industry-standard MITRE guidelines. Additionally, customers get to choose from numerous self-serve security services that work for both Azure and on-prem workloads. Microsoft employs more than 3,500 cybersecurity professionals and spends $1 billion annually on security.

Just like anything else on the cloud, security also operates on a shared responsibility model between the cloud provider and the customer. At the same time, a cloud provider’s built-in security tools may not protect you from all the threats faced by your organization. Softchoice can help you identify such vulnerabilities and craft a vendor-agnostic plan to defend your kingdom.   

 

Looking for more insights on cloud security and Azure? Check out our Microsoft Azure Resources Hub.

 
