
What’s New with Azure Security 

Cloud | Posted on November 8, 2019 by Akshay Nikam

Cybercrime is happening all around us. If you haven’t been affected, it’s not a question of “if” but “when.” Organized crime syndicates or script kiddie hackers employ sophisticated tools to generate profit or cause reputational damage. Nation-state actors leverage hacking to further political or economic agendas. The threats we see today are not new, but the level of sophistication has reached new heights.

“The World Economic Forum estimates the economic value destroyed by cybercrime attacks at $3 trillion.”

In 2016, US businesses lost $1.8 million on average to spear-phishing attacks. Given these threats, we have compiled a few recent announcements from Microsoft on how they’re helping customers take an intelligent approach to preventing, detecting and responding to such events.  

Microsoft’s Azure Sentinel Security Information and Event Management (SIEM) is now commercially available 

SIEM provides real-time analysis of security alerts generated by applications or network hardware. Just recently, Microsoft took its SIEM, Azure Sentinel, out of public preview and into General Availability (GA). SIEM products have been on the market for a long time. Even so, SecOps teams still find it difficult to prioritize threats and show a clear call to action. Moreover, a shortfall of 3.5 million security professionals by 2021 will further increase these challenges.

Below are a few ways Azure Sentinel helps with cloud-native security operations: 

Collects data across your enterprise   

The Azure Sentinel SIEM collects security data through built-in connectors, native integration with Microsoft products and standard industry log formats like Common Event Format (CEF) or Syslog. It’s also possible to import Microsoft 365 data for free and combine it with other security data for analytics. Azure Sentinel connects to other popular solutions like Palo Alto Networks, F5, Symantec, Fortinet and many more.

 AI to analyze and detect threats quickly  

It would be impossible for a normal human to sift through daily security alerts and make the correlation from different products. Azure Sentinel’s scalable machine learning algorithm helps you quickly connect the dots. Combining this data with other solutions helps you better understand the kind of behavioral data that provides visibility into an entire attack sequence.   

Automate common tasks and threat response 

With Azure Sentinel, the need to keep solving the same problems disappears. Built-in automation with custom playbooks solves repetitive tasks and responds to threats quickly. 

Azure Bastion available in Preview 

Many organizations struggle to secure the connection to their Virtual Machines (VMs) on virtual networks (VNets) from the outside. Azure Bastion is a fully managed Platform as a Service (PaaS) offering that provides secure and seamless Remote Desktop Protocol (RDP) and Secure Shell (SSH) access to your VMs directly through Azure portal.  

Limit Public Exposure of Virtual Machine IPs 

Access all VMs within a VNet through a single hardened point. Making the Bastion host the primary point of public access helps lock down public internet exposure and limits threats such as port scanning and other types of malware targeting your VMs.

Connect to VMs over SSL 

Connect to VMs in your VNet over SSL, port 443, directly in Azure portal. The RDP/SSH connectivity helps you to connect from any device, any platform and at any time. This needs no additional agent to run inside your virtual machines.

A fully managed service 

As a PaaS service, Azure Bastion is fully managed, which means it has autoscale and hardened features. It provides an integrated, automated way to manually deploy and manage jump servers to shield your VMs.

“The industry median time to detect an attacker on a victim’s network is 140+ days.”

Security Stack Partner Ecosystem 

CipherTrust Cloud Key Manager solution by Thales is now available on Azure Stack Marketplace. This works with Azure and Azure Stack “Bring Your Own Key” (BYOK) APIs to enable key control. The solution creates Azure-compatible keys from the Vormetric Data Security Manager that can offer up to FIPS 140-2 Level 3 protection. Customers can upload, manage, and revoke keys, as needed, to and from Azure Key Vaults running in Azure Stack or Azure.

Azure delivers multiple layers of security, from the secure foundation in its physical data centers to its operational practices to engineering processes that follow industry-standard MITRE guidelines. Additionally, customers get to choose from numerous self-serve security services that work for both Azure and on-prem workloads. Microsoft employs more than 3,500 cybersecurity professionals and spends $1 billion annually on security.

Just like anything else on the cloud, security also operates on a shared responsibility model between the cloud provider and the customer. At the same time, a cloud provider’s built-in security tools may not protect you from all the threats faced by your organization. Softchoice can help you identify such vulnerabilities and craft a vendor-agnostic plan to defend your kingdom.   

 

Looking for more insights on cloud security and Azure? Check out our Microsoft Azure Resources Hub.

 
