Understanding Azure Policy for regulatory compliance

azpolicyUse Azure Policy to manage and enforce your standards for governance and compliance and to assess that compliance at scale. The idea is to set standards and to be able to demonstrated your organization is meeting your regularoty compliance goals.

In previous blog posts, you learned about setting up Management Groups and Security Center. For management groups, you learned that policies can be applied  across multiple subscriptions. You noticed that Security Center provides a set of policies (an an policy initiative) for your subscription.

In this post, learn the basics of Azure Policy for you to manage resource consistency, regulatory compliance, security, and cost. And how Policies can be grouped together as initiatives, and how you can assign initiatives to specific regulatory compliance goals.

Continue reading “Understanding Azure Policy for regulatory compliance”

Setting up Management Group for production in enterprise

org1Once you have set up your first subscription, you can set up your Management Group.

In Azure, management groups are a way to group your subscriptions. When you apply policies and governance to your management group, all of the subscriptions within a management group automatically inherit the conditions applied. Enterprises want management groups as a way to scale your operations no matter how many subscriptions you may have.

For example, you may want to restrict the regions available for your resources to those within a particular region. A policy that reflects that can be applied to a management group and will automatically be applied to all management groups, all subscriptions, and all resources under that management group.

Continue reading “Setting up Management Group for production in enterprise”

Organize Azure resources using management group, tags, naming convention

org1Once you have set up your Azure administrators, you can begin to consider how to organize your cloud into management groups, subscriptions, resource groups. You will want to develop a naming standard, and way to tag resources.

Although you may be focused initially on just getting your resources deployed, you will want to be able to manage them. For example, a year from now you may want to know who is responsible for the virtual machine that is no longer doing anything, but is costing money. In other words, you may want lifecycle management.

You may want the ability to charge a set of resources to a cost center and to budget those resources. For example, you may want to receive alerts for both the users and for your administrators when costs are out of line with expectations.

And as we all know, it is easier to organize as you go. In this article, you will learn about some key points in organizing your Azure resources.

Continue reading “Organize Azure resources using management group, tags, naming convention”

Setting up your enterprise Azure subscription administrators

azureadministratorpngMicrosoft makes it easy to get started using Azure — sign up for a free subscription and get started. The tutorial show you how to use the portal to create virtual machines, storage, backups. All good.

And then it comes time to take your applications into production. You may realize that you need to show auditors your security methods. And you want to be sure to protect your customer data. Or you may have cloud sprawl and want to control costs.

And you have had a good conversations about your requirements. What then?

This article shows you how to get your subscription up and running using some important best practices for your administrators. It shows how to set up Security Center and how to set up policies that can be used to help your security team validate that you are using best practices.

Continue reading “Setting up your enterprise Azure subscription administrators”