
Security, Privacy, Compliance, and Trust

Azure Monitor = Gives you the health of the entire Azure infrastructure

Azure Security Center = Usage Scenarios: Incident Response (Detect, Assess, Diagnose), Implement Recommendations

Azure AD Identity Protection = make use of Multi-Factor Authentication
Users are prompted to change password

Azure Information Protection = Automatically add a watermark to Microsoft Word documents that contain credit card information

Azure Privileged Identity Management = Used to give just-in-time access to resources

Azure Advanced Threat Protection = prevent suspicious attacks and threats
Monitor threats by using sensors

Azure Management Groups = Manage access, policies and compliance for resources across multiple subscriptions.

Azure Resource Groups = inherit the permissions assigned to the resource group
Deploy a set of VMs with the same permissions
Have no costs associated with them

Azure Resource Manager = deploy objects and allows consistency

The Virtual Machine blade = Are there any issues with the underlying infrastructure for just the VM

Azure Log Analytics = Use to correlate events from multiple resources

Microsoft Trust Center = complies with rules and regulations
(From on-premises to Azure)

Azure Advisor = A tool that provides guidance and recommendations to improve an Azure environment

Azure Cognitive Services = Tool to build Artificial Intelligence applications

Azure Application Insights = Monitor web applications hosted in production-based environments

Azure Activity Log = You see all operations on all resources, for example which user shut down a VM

DDoS Protection Standard = Get real-time attack metrics

Network Security Group (NSG) = block or open a port
Set inbound and outbound rules to filter by source and destination IP address, port and protocol. Ensure that traffic restrictions are in place so that only the database can communicate with the web server. VM needs to communicate with other resources within the Virtual Network.

Azure Firewall = can limit the amount of traffic

Authentication (Who are you?) Act of providing legitimate credentials

Authorization (What are you allowed to do?)

Authentication
Single Sign-On (SSO)
Application Management
Business to Business (B2B) Identity Services
Device Management

Service Bus = used as a messaging system

Azure Blueprints = Deploy role assignments & policy assignments

Key Vault
Azure Key Vault is a secret store: a centralized cloud service for storing application secrets. Key
Vault helps you control your applications' secrets by keeping them in a single central location
and providing secure access, permissions control, and access logging.

Azure Policies
Azure Policy is a service you can use to create, assign, and manage policies. These policies
apply and enforce rules that your resources need to follow. These policies can enforce these
rules when resources are created, and can be evaluated against existing resources to give
visibility into compliance.

Initiatives
Initiatives work alongside policies in Azure Policy. An initiative definition is a set or group of
policy definitions to help track your compliance state for a larger goal.

Role-Based Access Control
RBAC provides fine-grained access management for Azure resources, enabling you to grant
users the specific rights they need to perform their jobs. RBAC is considered a core service and
is included with all subscription levels at no cost.

Azure locks = prevent accidental modification or deletion of resources

Azure Service Health = Can create a rule to be alerted

GDPR = A European policy that regulates data privacy and data protection
ISO = An organization that defines international standards across all industries
NIST = An organization that defines standards used by the United States government

Microsoft Privacy Statement
The Microsoft privacy statement explains what personal data Microsoft processes, how Microsoft
processes it, and for what purposes.

Service Trust Portal
The Service Trust Portal (STP) hosts the Compliance Manager service, and is the Microsoft
public site for publishing audit reports and other compliance-related information relevant to
Microsoft’s cloud services. You can download audit reports

Compliance Manager
Compliance Manager is a workflow-based risk assessment dashboard within the Trust Portal that
enables you to track, assign, and verify your organization's regulatory compliance activities related to
Microsoft professional services and Microsoft cloud services such as Office 365, Dynamics 365, and
Azure.

Azure Government Services
For USA government entity
For USA government contractor

Employee has left the company = Leverage single sign-on

Azure Key Vault = prevent credentials from being stored in web app

Azure tags = ensure bills will be separated department-wise

Azure Information Protection = Encrypt documents and email messages
