Category: Security

Walkthrough using Azure Policy to audit and enforce compliance

July 9, 2020

azpolicyUse Azure Policy to manage and enforce your standards for governance and compliance and to assess that compliance at scale. When you implement Azure Policy, you are effectively adding guard-rails for your users. But you also have a way to audit your organization compliance against a particular policy.

In this walkthrough, you will learn the implications of using a Policy in Azure. For this walkthrough, you will use Azure CLI to create a storage account that will not be compliant, but allowing its contents to be accessed using HTTP. Then you will add a Policy that requires HTTPS, and see how you can audit existing, non-compliant resource. You will audit the resource using the portal and using PowerShell script. Then you will create another non-compliant resource and see how Azure blocks the resource during creation.

Continue reading “Walkthrough using Azure Policy to audit and enforce compliance”

Understanding Azure Policy for regulatory compliance

July 7, 2020

azpolicyUse Azure Policy to manage and enforce your standards for governance and compliance and to assess that compliance at scale. The idea is to set standards and to be able to demonstrated your organization is meeting your regularoty compliance goals.

In previous blog posts, you learned about setting up Management Groups and Security Center. For management groups, you learned that policies can be applied  across multiple subscriptions. You noticed that Security Center provides a set of policies (an an policy initiative) for your subscription.

In this post, learn the basics of Azure Policy for you to manage resource consistency, regulatory compliance, security, and cost. And how Policies can be grouped together as initiatives, and how you can assign initiatives to specific regulatory compliance goals.

Continue reading “Understanding Azure Policy for regulatory compliance”

Setting up Security Center for production in enterprise

June 18, 2020

Icon-security-241-Security-CenterSecurity Center provides out of the box policies and a dashboard to identify possible security issues with your subscription.

To start with Security Center has a good set of policies that will help you do basic audits and provide security alerts.

Use Security Center to meet your cloud requirements

In this article, you will be able to meet the following requirements:

  • Set up ways for your security team, developers, and operations to quickly audit subscriptions.
  • Mitigate security issues

Continue reading “Setting up Security Center for production in enterprise”

Setting up your enterprise Azure subscription administrators

June 4, 2020

azureadministratorpngMicrosoft makes it easy to get started using Azure — sign up for a free subscription and get started. The tutorial show you how to use the portal to create virtual machines, storage, backups. All good.

And then it comes time to take your applications into production. You may realize that you need to show auditors your security methods. And you want to be sure to protect your customer data. Or you may have cloud sprawl and want to control costs.

And you have had a good conversations about your requirements. What then?

This article shows you how to get your subscription up and running using some important best practices for your administrators. It shows how to set up Security Center and how to set up policies that can be used to help your security team validate that you are using best practices.

Continue reading “Setting up your enterprise Azure subscription administrators”

Requirements, plan for your enterprise Azure Subscription for production

June 1, 2020
Cloud Adoption Framework
Microsoft’s Cloud Adoption Framework

You can get started in Azure. But soon it becomes time to build your subscriptions for your enterprise. For example, giving unrestricted access to developers can make your devs very agile, but it can also lead to unintended cost consequences. In addition, you will want to have requirements to demonstrate compliance for security, monitoring, and resource access control.

In this article we help organize some thoughts around the strategy and plan for building out your cloud, including a plan that you can put into Azure DevOps.

The Cloud Adoption Framework provides guidance for in depth analysis and preparation for your cloud. 

Continue reading “Requirements, plan for your enterprise Azure Subscription for production”

Azure Web Sites Migration Assistant Empowers You to Migrate Departmental Applications the Cloud

December 25, 2014

azurecloudMoving applications to the cloud provides you with a cloud infrastructure for backup and resiliency. When you move to the cloud, you move from a standard physical implementation tool, including data centers, software, hardware, networking and servers – and move to a service, where much of the infrastructure is maintained for you. Cloud offerings such as Microsoft Azure provide you with a standard configuration. If your application fits those parameters, migration is easier. Other times, the application may require particular settings in Internet Information Services.

Although not all applications will seamlessly move to the cloud, a tool from Microsoft Azure Websites Migration Assistant offers you a way to determine what challenges you may face in moving your application to Azure. The Azure Websites Migration Assistant help you migrate your on-premise app to the cloud in a few clicks.

For example, if you want to move a departmental application from Windows Server 2003 running ASP.NET 2 running a version of SQL locally, you might not think of that being a candidate for migration to the cloud.

Windows Server 2003 will reach end of support on July 14th 2015. If you are currently your websites on an IIS server that is Windows Server 2003, Azure Websites is a low-risk, low-cost, and low-friction way to keep your websites online, and Azure Websites Migration Assistant can help automate the migration process for you.

Azure Websites Migration Assistant can analyze your IIS server installation, identify which sites can be migrated to Azure Websites, highlight any elements that cannot be migrated or are unsupported on the platform, and then migrate your websites and associated databases to Azure.

Applications can be deployed to Azure Websites.

Continue reading “Azure Web Sites Migration Assistant Empowers You to Migrate Departmental Applications the Cloud”

Windows Azure Goes PCI-Compliant

January 20, 2014

azurecloudWindows Azure has been validated for compliance with the Payment Card Industry (PCI) Data Security Standards (DSS) by an independent Qualified Security Assessor (QSA).

The PCI DSS is the global standard that any organization of any size must adhere to in order to accept payment cards, and to store, process, and/or transmit cardholder data. By providing PCI DSS validated infrastructure and platform services, Windows Azure delivers a compliant platform for you to run your own secure and compliant applications. You can now achieve PCI DSS certification for those applications using Windows Azure.

Continue reading “Windows Azure Goes PCI-Compliant”