The Essential Guide to Microsoft Azure Security
The Year of Microsoft Azure Is Upon Us

Every week thousands of businesses are building apps, off-loading workloads and hosting core infrastructure with Microsoft Azure. In 2014, the Microsoft cloud boosted its offering with major improvements to security, compliance and product releases. In fact, Gartner named Microsoft Azure a quadrant leader for Infrastructure and Platform services in the Cloud, rivaling incumbents Amazon and Google. As Big Data and the Internet of Things become mainstream, they'll create greater demands for faster, more flexible and more dependable data center resources off premise. Which means 2015 is the year Azure enters the enterprise in a big way.

There still remains a nagging question, and it's one that keeps business leaders (the ones like you, looking to move critical business processes and data to the cloud) up at night. The question remains, is Microsoft Azure safe?

This guide provides advice and straight answers from three of our top Microsoft experts.

- Tadd Axon, Softchoice Solution Architect
- Jason Bero, Microsoft Practice Lead - Services
- Tim McKellips, Microsoft Practice Manager North America
What This Guide Covers

It seems we read news headlines every other week describing major breaches in the cloud, from giant retailers, technology firms and even cloud providers themselves. It's no surprise these media frenzies deepen our concerns about the safety of the public cloud.

40% of enterprise leaders say security fears prevent them from adopting Azure and other cloud services.

The reality is, moving to the cloud has enormous upside potential: greater efficiency, greater productivity, lower costs, which combine to deliver a competitive edge. This guide isn't focused on those benefits. What this guide does provide is a close examination of the security issues relating to Microsoft Azure, and then offers an in-depth analysis of Azure's strengths in those areas. It also reveals the opportunities for your team to own your destiny and build a secure, profitable cloud-enabled enterprise.

Identify your fears and rest at ease.

In general, fears and hesitations surrounding Microsoft Azure boil down to several core questions. Read this guide to get answers and clarity on the following concerns:

- Where is my data located?
- Is the Azure cloud secure?
- Who is able to see/access/download my data?
- Can I have my data back?
- Who owns my data?
- Am I compliant in the cloud?
- What happens in the event of a breach?
- Who do I call?
Security Concern #1: Identity and Access Management

Your data falling into the wrong hands is the most devastating security breach there is. Fears of this possibility are heightened when your data resides outside your premises.

How Microsoft Azure handles Identity and Access Management in the public cloud

With enterprise-quality identity governance that lets you manage access for your users, Azure offers these key Identity and Access Management features:

1. Sync existing identities and enable single sign-on to Azure, Office 365 and a world of other cloud apps
2. Azure monitors access patterns to identify and mitigate potential threats
3. Help prevent unauthorized access with Azure Multi-Factor Authentication
4. Empower end users with self-service identity management capabilities

Tadd Says: Office cloud apps beef up

Microsoft recently announced improvements to the security of Azure resources, including the rollout of a Role Based Access control framework and strong controls on network access, including internet access. Azure also offers strong solutions for securing systems in the cloud and on premise, including multi-factor authentication, granular device management policies for leading mobile and desktop platforms, and rights management services to protect and track access to sensitive data and communications.
Security Concern #2: Network Security

It's one thing to keep unwanted visitors out of your data center. Firewalls have been a critical part of your network for years. What about when your data center is in the cloud? What new vulnerabilities does that expose your data to? With the public cloud, and specifically Microsoft Azure, many are curious about how Microsoft will manage this, and what your role is in filling any gaps.

How Microsoft Azure addresses Network Security

Azure keeps your virtual machines and data isolated from undesirable traffic and users, while making it easy for the right people to get access via encrypted or private direct routes, with these key features:

- Firewalled and partitioned networks protect against unwanted Internet traffic
- Securely connect to your on premise data center or a single computer using Azure Virtual Network
- Manage virtual machines with encrypted remote desktop and Windows PowerShell sessions
- Use Azure ExpressRoute to keep traffic off the Internet altogether, providing a private link between you and Azure

Tim Says: New for 2015

Good news: Azure introduced a free real-time threat protection called Microsoft Anti-Malware for Virtual Machines and Cloud Services during presentations at TechEd Europe 2014.
Security Concern #3: Data Protection

Once your data is out in the wild, it's even more important than ever to know that it's encrypted and protected, in the event of any leakage. Not only that, but with cloud services, you're no longer there in person to oversee destruction and decommissioning. This raises several concerns if you don't know how the provider will manage these core protocols.

How Microsoft Azure addresses Data Protection

Data protection is a priority for your organization. This is why Microsoft Azure holds nothing back when protecting your information, using safeguards like encryption and operational processes for data destruction to keep your data safe, including these key features:

- Encryption that secures data in transit between data centers and you, as well as between Microsoft data centers
- Optional additional encryption using a range of approaches, where you control the method and the keys
- Want to delete or leave Azure? No problem. Strict industry standards are followed for overwriting unneeded data, as well as physically disposing of decommissioned hardware

Tadd Says

Microsoft has rigorous security policies and processes to protect Azure in their role as the cloud provider, but security of applications in the cloud is a shared responsibility. Ensuring the security of data in transit and at rest (regardless of location), and applications and services built on top of the Azure service is your responsibility. Understand any obligations that aren't met by the measures taken by Microsoft and plan accordingly.
Security Concern #4: Data Privacy

Data privacy is one of the most controversial topics of our era, in this data overloaded world. From national security scandals, to how and why companies access our own personal data, these concerns are top of mind when moving your data center activities to the cloud. Paramount among concerns of moving your data to the public cloud, and specifically Azure, is how your data is kept private, who may access it and when.

How Microsoft Azure addresses Data Privacy

When it comes to Data Privacy, Microsoft provides plenty of protection and control. You control where data resides and who can access it, with these key features:

- Specify the geographical area where your data is stored; data can be replicated within an area for redundancy
- Meets EU Data Protection Directives with additional contractual commitments about the transfer of personal data
- Limit Microsoft's access to and use of your data; give them access only as necessary to service and troubleshoot
- Your data is never used for advertising purposes

Jason Says

It's a popular misconception the cloud is less secure than what you have onsite. The truth is, all the security you need is there. It's just different. Azure introduces a new level, and type, of security.
Security Concern #5: Defending From Security Threats

Even with the best firewall, encryption and security practices, threats still emerge. Data protection needs to always stay vigilant. When it's managed on premise, you have complete oversight. When your data lives in the cloud, who's in charge? How are threats handled? What power or ability to address threats do you have, or is it completely out of your hands?

How Microsoft Azure defends your data from intrusions and security threats

Known and emerging threats are a constantly evolving battleground. Microsoft provides a hefty array of defenses to continually keep your data protected, with these key features:

- Manage and control security updates for Microsoft software, applying your own processes to manage your virtual machines the way you need
- Continuous traffic monitoring and analysis to reveal anomalies and threats; forensic tools dissect attacks, and logging can help you decipher what happened
- Perform your own penetration testing for the apps you run in Azure
- Microsoft does its own penetration testing for Azure services

Tim Says: Pro Tip

If penetration testing your apps on Azure, avoid being flagged as an actual threat. Make sure you get authorization from Microsoft well in advance. Fill out this form when you want to get started.
Security Concern #4: Compliance

Compliance is a whole other set of concerns for customers hoping to keep their data safe and their businesses out of harm's way. With Azure, cloud compliance is easy, giving you access to a vast array of regulatory standards and agreements. These include:

- ISO 27001
- SOC 1
- SOC 2
- FedRAMP
- UK G-CLOUD
- PCI DSS
- HIPAA

For a deeper understanding of Microsoft Azure and compliance, check out our other guide, The Essential Guide to Azure Compliance.

Tadd Says: Stay Up-to-Date!

Security measures are always improving with Microsoft Azure. Understand the latest features and benefits, as well as stay protected from threats as they emerge, by visiting the Microsoft Trust Center.
Final Thoughts...

While Microsoft Azure offers your business tremendous opportunity for growth and competitive leadership in the years ahead, security concerns should not be taken lightly. The information in this guide is meant as a primer. To get in-depth, custom and non-biased advice to craft your own cloud enterprise, consult with a Softchoice Microsoft specialist today.

Jumpstart your move to the public cloud - and Microsoft Azure - with our Softchoice Azure.

- Streamline your planning phase
- Get a clearly-defined strategic road map
- Understand the total costs and opportunities

Read on to learn more about the Softchoice Azure
Azure TechCheck Assessment

Evaluating the Impact of Microsoft's Cloud Infrastructure

Softchoice's Azure TechCheck Assessment helps clients precisely evaluate how an existing environment maps to potential public cloud offerings. For clients considering migrating an entire data center, or looking to target an existing development and test environment, the Azure TechCheck provides the insight needed to justify projected effort, supported by a formal cost evaluation and risk analysis led by a consultant. The Azure TechCheck catalogs legacy silos of technology and arms clients with a fact-based portrait of the current state environment. Softchoice combines the collected data with technical experts spanning the data center and hybrid cloud to help plot the way forward.

Who should be involved?

Softchoice recommends clients assemble a cross functional IT team with a senior IT leader sponsor that provides alignment to the issues, business drivers and guides prioritization.

Phase: Discovery Analysis Workshop & Analysis Report TechCheck Summary

- Using an agent-less data collection tool to gather an end-to-end view of the existing server/storage infrastructure
- Softchoice technical experts evaluate findings and consolidate the broad data to identify potential barriers
- Sets actionable insights that are validated with a client findings and recommendations session

Client Benefit

- Delivers a comprehensive view of impacted infrastructure
- Review business demands and current issues
- Review risks and remediation through guided data review and recommendations
- Provide a structured review of the Azure TechCheck and evaluate options with a Softchoice Azure subject matter expert
- Workload summaries of data center
- Reporting on local divisions of environment, customized to business requirements
- A basic projected cost analysis on migrat

Why Softchoice for Azure Planning?

- Cross-discipline expertise spanning leading vendors in data center, hybrid cloud and public cloud scenarios
- Architects and engineers carry an average tenure of over 10 years
- Proven IaaS planning methodology to connect on premise data center infrastructure investments with the potential of the cloud
- Day-to-day operations for over 400 core and hybrid infrastructure

100% of organizations who engaged Softchoice for Cloud Services rated Delivery Methodology as valuable or better when compared to alternatives. Source: TechValidate TVID:C2E-EBB-3CE

To arrange for an Azure TechCheck, contact your Softchoice Account Manager today and request an appointment!

Connect with us today. 1.800.268.7638 www.softchoice.com @softchoice facebook.com/softchoice
Need Help Now? Softchoice IaaS Accelerator for Azure

Accelerating the Adoption of IaaS

The Softchoice IaaS Accelerator for Azure is for clients who want to improve their planning and evaluation approach to Azure. The Softchoice IaaS Accelerator for Azure streamlines the process by applying a proven approach based on a set number of servers, and includes the implementation of a single, initial workload. The result is a clearly-defined roadmap that informs a long-term vision, including costs associated with Azure's subscription model.

Deliverables

- Planning and discovery
- Design
- Implement
- Validation
- Project closure and recommendations

Client Benefits

- Identify critical success factors and collect necessary inputs to guide execution
- Gain a rich understanding of the capabilities of Azure as it relates to the client's goals
- Capture metrics and data associated with up to twenty (20) workload defined virtual servers and identify any network redundancy limitations as an input to roadmap
- Provides logical hierarchy and server placement based on Softchoice best practices
- Creation and configuration of cross-premises connectivity over site-to-site IPsec VPNs using the Windows Azure Virtual Network to build a secure link between the target and source location
- Validates the configuration, authentication and administration capabilities based on a standard quality assurance approach
- Provide appropriate knowledge transfer and recommendations

Why the Softchoice IaaS Accelerator for Azure works

Based on client feedback and real-world deployment findings, Softchoice created the IaaS Accelerator for Azure to fast track your evaluation and adoption of this feature-rich technology. Softchoice has completed over 5,000+ projects throughout North America helping clients discover, plan, deploy, adopt and operate solutions. Using similar delivery best practices, the IaaS Accelerator for Azure improves returns and lowers risk through effective planning to align technology with desired business outcomes.

How to get started

Call your Softchoice Account Manager to set up an appointment with a Softchoice Solution Architect, who has advanced knowledge of Microsoft technology. They will provide more information and a statement of work, where specific assumptions and deliverables are outlined.
Need Help Now? Softchoice Azure Accelerator For Microsoft Windows Server 2003

The Microsoft Azure Accelerator for Windows 2003 is for clients who want to relocate critical servers or services ahead of the Windows 2003 end of life deadline looming in July 2015 to the Azure cloud service platform. This engagement is customized for each client, and results in a roadmap to an alternative service delivery model over legacy Windows 2003 servers. OS upgrades, application remediation and long-term vision are all addressed, along with Azure's subscription model in transforming legacy Windows Server 2003 workloads into modern data.

Deliverables

- Planning and discovery
- Design
- Implement
- Validation
- Project closure and recommendations

Client Benefits

- Identify critical success factors and collect necessary inputs to guide execution
- Gain a rich understanding of the capabilities of Azure as it relates to the client's goals
- Leveraging Softchoice's TechCheck Assessment Discovery technology, we capture current state services and requirements to ensure successful relocation to Azure
- Provides logical hierarchy and server placement based on Softchoice best practices
- Creation and configuration of cross-premises connectivity over site-to-site IPsec VPNs using the Windows Azure Virtual Network to build a secure link between the target and source location
- Validates the configuration, authentication and administration capabilities based on a standard quality assurance approach
- Provide appropriate knowledge transfer and recommendations

Why the Softchoice Azure Accelerator for Windows Server 2003 works

Based on client feedback and real-world deployment findings, Softchoice created the Azure Accelerator series to ensure repeatable methodology and adoption of feature-rich technologies. Softchoice has completed over 5,000+ projects throughout North America helping clients discover, plan, deploy, adopt and operate solutions. Using similar delivery best practices, the Azure Accelerator for Windows Server 2003 improves returns and lowers risk through effective planning and alignment to desired business outcomes.

How to get started

Call your Softchoice Account Manager to set up an appointment with a Softchoice Solution Architect, who has advanced knowledge of Microsoft technology. They will provide more information and a statement of work, where specific assumptions and deliverables are outlined.
About Us

Softchoice is a leading North American services and solutions provider, offering professional services, procurement and architecture excellence in all areas of the data center. With a deep bench of Microsoft technical experts, we are the leading Enterprise Agreement reseller in the United States and Canada, and we offer a series of non-biased data-driven assessments that help our clients chart the best path for their business needs. Softchoice is also a leader among technology solutions partners for providing insight, and hands on experience in the planning, licensing, delivery and maintenance of large-scale business cloud projects. From our SaaS management dashboards to our accelerator programs, we give you everything you need to be successful in the cloud.

Other guides in this series:

- The Essential Guide to Licensing & Consuming Azure
- The Essential Guide to Azure Compliance

Connect with us today. 1.800.268.7638 www.softchoice.com @softchoice linkedin.com/company/softchoice