By Stephanie Baskerville on October 12, 2018

Securing your Azure Environment Through Azure Security Center

 

When evaluating a move from a traditional data center to Microsoft Azure there are several key benefits that need to be considered. While many customers focus their attention around the improved reliability and scalability that a move to the Cloud may bring, many overlook the enhanced security benefits that come along with it.

When it comes to Microsoft Azure, Microsoft has put a strong focus around the security piece and keeping data secure - enter Azure Security Center! Are you looking at Microsoft Azure? If so, these security benefits can help enhance your business case for migrating. Already leveraging Microsoft Azure? It’s important to understand how easy it is to enhance the security of your environment.

In this blog post we are going to highlight some of the features that are available in the Azure Security Center and how it can help customers secure their IT assets.
 

What Is Azure Security Center?

Azure Security Center provides users with unified security management and advanced threat protection capabilities across hybrid Cloud workloads that are running. It has the ability to let users apply security policies across workloads, limit exposure to various threats, and gives the user the capability to detect and respond to attacks.

 

Azure Security Center Provides Centralized Policy Management

The Azure Security Center can provide you with centralized policy management, which gives you information on your subscription coverage, policy compliance (from either a company or a regulatory standpoint), and your security posture. Centralized policy management covers a few areas:

Subscription Coverage:

Azure Security Center monitors the total number of subscriptions you have read and write access to, and what coverage level (Standard or Basic) those subscriptions are running under. It also provides additional information that will allow you to identify who owns that subscription, in case you need to make changes to it.

Azure Security Center

Source

Policy Compliance:

As part of the centralized policy management, Azure Security Center also allows you to view your overall compliance ratio, and what subscriptions are the least compliant. You can also edit and define your security policy and tailor it to the type of workload and/or how sensitive your data is. Or, if you need to create new policies or definitions, you can also do so, assigning these policies across whatever subscriptions or groups you require.

 

Continuous Security Assessment 

Another feature of the Azure Security Center is the ability to have a continuous security assessment running. From the Security Center overview, you can see potential security issues, like systems that have missing security updates, or any network ports that are exposed. This is done in two specific ways:

Secure Score:

The Azure Security Center takes a look at your security recommendations, then prioritizes them for you by giving them a Secure Score. This is a measurement tool that helps you to identify any security vulnerabilities and prioritize which ones need to be investigated first.

Azure Security Center

Source

Health Monitoring:

The Azure Security Center also helps you with health monitoring for the resources in your organization. Resources can be anything, like computer & applications, networking, data & storage, and identity & access. With this list of resources, you’ll also see any vulnerabilities that have been identified by Azure Security Center.

 

Azure Security Center Allows for Actionable Recommendations

Of course, security vulnerabilities aren’t much good unless there are actionable recommendations that go along with them, and Azure Security Center also provides these, too! Once the security state of your Azure and non-Azure resources has been determined, you can see a list of recommendations that will help guide you through the process of addressing security issues.

When you look at your dashboard, under Resources, you’ll see a list of the most prevalent recommendations, which you should focus your attention on. If you resolve this recommendation, it will help you to improve your compliance the most. Clicking on “Improve your compliance” will provide you with a description of the recommendation, and a list of the resources that would be impacted.

Azure Security Center

Source

 

Threat Protection with Azure Security Center

Threat protection is another area that is of extreme importance to many organizations that we deal with. Azure Security Center is able to use advanced analytics and global threat intelligence to detect any incoming attacks, as well as post-breach activity that you need to be aware of. This visual, interactive investigation experience through Azure Security Center prioritizes alerts and groups them into various incidents, which helps you to focus on the most critical threats right away. Plus, Azure Security Center gives you the ability to create custom security alerts.

Azure Security Center

Source

 

Just-in-Time VM Access through Azure Security Center

If you’re using virtual machine access for your employees, it’s important to make sure that it’s secure. Azure Security Center offers Just-in-Time Virtual Machine access, which, because it’s controlled, reduces the network attack surface, and allows you to reduce exposure to brute force or other network attacks.

Using Azure Security Center, you can specify the rules for how your users can connect to your Virtual Machines. When they need access, your users can request it from Security Center or PowerShell, and as long as the request complies with the rules that you’ve specified, that user will be automatically granted access for as long as they’ve requested it.

 

Azure Security Center has Adaptive Application Controls

Wouldn’t it be nice if you could block malware and other unwanted applications? With Azure Security Center, you can do just that. An intelligent, automated, end-to-end application whitelisting solution from Azure Security Center, adaptive application controls apply whitelisting recommendations that can be adapted to your specific Azure workloads. These adaptive application controls help you to monitor and control which applications are allowed to run on your virtual machines.

Azure Security Center

Source

 

Integrate Your Security Solutions with Azure Security Center

What good is it to secure your organization, if those security settings aren’t talking to each other? Azure Security Center also works to integrate your security solutions, which automatically connects various security solutions that you’ve deployed in your organization. When you deploy Azure security solutions from the Azure Security Center, you can also connect other security data sources, such as:

  • Azure AD Identity Protection
  • Computers running on-premises or in other clouds
  • Security solution that supports the Common Event Format (CEF)
  • Microsoft Advanced Threat Analytics

Why is this important to your organization? By integrating your security solutions through Azure Security Center, you can simplify deployment through streamlined provisioning of integrated partner solutions, use integrated detections for any security events that occur, and use the integrated solutions to monitor the health and security of your organization.

Azure Security Center

Source

 

Get Started Today!

There’s no doubt that, with Microsoft’s commitment to security, Azure Security Center is able to enhance the security of your environment and, as this blog has shown, Azure has plenty of features to help you secure your IT infrastructure. So, why not get started using it today? Contact our experts to learn more about Azure Security Center and how you can implement it in your organization.

Still have some questions about it? Check out our upcoming “Getting to Azure: Assessment, Migration, and Security Considerations” webinar, where you’ll not only learn more about Azure Secure Score, but you’ll also see a live demo of Azure Assessment in action!

Azure Security Center

 

Published by Stephanie Baskerville October 12, 2018