Azure Security. Securing cloud apps and infrastructure the right way
Half the battle with securing the cloud is understanding the services and how they differ to on-premises. In this blog I’m going to highlight some key areas to consider when securing your Azure based solutions.
Provide a baseline
The first step is to get the organisation on the same page regarding a security baseline. If all data must be held in the UK – people need to know about it. If a web application firewall must be used for all apps – Structure an onboarding processes to make that happen. Without the proper governance in place you’ll find resources springing up all over the place and quickly lose track.
Tips
- Use Azure policy to audit or enforce security standards but be careful to not be too restrictive.
- Use management groups and subscriptions for logical separation.
- Adopt DevOps and template the build process to ensure security requirements are met.