Contact Us




Change Locale

Cloud security is a shared responsibility: Azure tools and webinar

Microsoft | Posted on August 11, 2016 by Tobin Dalrymple

Even if cloud providers take most of the hard work off your plate, you shouldn’t take lightly your own responsibilities – what Amazon or Microsoft aren’t going to do for you.

One of the most important of these responsibilities is – security – or at least some aspects of it. When you are leveraging the cloud as a platform for business applications, security duties are split between you and the provider.

Knowing how these roles are divided is key. Knowing how to execute them easily, effectively and dependably is even more important.

This was the topic of our most recent Azure webinar, hosted by Softchoice’s Services Practice Leader, Tadd Axon. Here is the deck and the webinar recording:


Who owns cloud security?

The responsibility of delivering security is split between the enterprise and the cloud provider.

Here is a general breakdown of who owns what:

  • Cloud provider – has the contractual obligation to provide a secure foundation and transparency – this is all about keeping the infrastructure safe.
  • Cloud provider – shoulders the burden of attracting and retaining security talent (a huge load off for you!).
  • Cloud consumer (you) focuses on the security of the actual application itself, and everything that involves managing it, using it and accessing integrations with other services, authentication and some parts of encryption.

A learning curve

Here’s the problem. Very few businesses have ever been through this exact situation, given cloud’s relative newness. It’s very hard to find talented resources who are veterans at managing application security in the cloud – much less someone you can afford in these competitive times. However, there are a number of tools offered that can help make this job easier and more reliable.

Your Azure security tool belt:

Azure Security Centre:

azure security center

Gives you a central view of the security state of all of your Azure resources. At a glance, verify that the appropriate security controls are in place and configured correctly. And quickly identify any resources that require attention.

Azure Identity Protection:

azure ID protection
A security service that provides a consolidated view into risk events and potential vulnerabilities affecting your organization’s identities. It leverages existing Azure AD’s anomaly detection capabilities and introduces new risk event types that can detect anomalies in real-time.

Azure Application Insights:

azure app insights
Uses machine learning capabilities to continually analyze your application. This allows it to learn your app’s normal behavior so service degradations or disruptions are automatically detected and reported—helping you respond to issues at the speed your customers demand.

Azure Operations Management Suite: Click to register for upcoming webinar

Operations Management Suite OMS
Protect your heterogeneous environments, respond proactively to changing business needs and simplify IT management – all from a single portal with no infrastructure to maintain.

We also covered two other important resources from Azure that help enterprises stay secure. Azure Resource Manager is the hub where you can save and deploy templates for your “infrastructure as code”. This is a quick and easy way to make repeated, optimized deployments. And Azure Storage Encryption, offering client-side libraries for encryption in transit as well as encryption at rest.

Finally, there are a number of relevant technologies that aren’t explicitly designed for Azure security but do offer you numerous options in strengthening your data protection.

These are:

  • Secure, flexible API Management
  • An auditable, HSM-based storage of secrets with Azure KeyVault
  • Azure SQL’s “least privilege” design
  • Disposable and ephemeral Virtual Machine Scale Sets

The cloud certainly offers benefits – but not if you waste too much time and energy in managing it, and especially not if you fail to protect your own data and information. Use these tools to get your side of the job done.

To learn more about Azure or to join upcoming webinars please go here.

Related Articles

Culture | August 14, 2020 by Softchoice

Picture someone about to start their first day at an exciting new job.   A few weeks ago, they completed several great interviews – all using video calling software.    Now, they begin Day 1: grabbing a cup of coffee, signing into their computer, starting their onboarding documentation. Just after 9 am, they get ready to meet with their new manager and teammates – all people they’ve only met through a computer screen.   Later that day, a representative from their human resources (HR) team reaches out to check-in about their experience as a candidate and now as […]

Culture | August 6, 2020 by Softchoice

This July, we celebrated our third annual Social Impact Month.   At Softchoice, July serves as a rallying point for every person in the company to generate meaningful impact. With the unprecedented events of this year, it was more important than ever that we looked to better support the communities in which we live and work while building a more giving and compassionate culture.   Although our […]

Culture | July 27, 2020 by Softchoice

Toward the end of February, the reality of the COVID-19 pandemic was becoming more evident to the Softchoice leadership team. Our People and Growth leaders knew they would need an agile response to keep our people and our customers safe.    Our business continuity plans to address technology redundancy were in place.  As a result of processes that had been in place for 3 years, we were perhaps ahead of most in our ability to move to a full remote work […]