Security is one of the primary factors that organizations consider when deciding whether to move to the cloud. Azure has a robust security model, which was discussed in a previous post in the context of ADLS Gen2. This post looks at the specific tools available within Azure for monitoring and for helping customers implement robust security policies.
Let’s have a look at some of these tools:
- Azure Security Center: This is the primary infrastructure security management tool. One of the security challenges it can address is fast-changing workloads. Since one of the major advantages of the cloud is flexibility, most cloud workloads change rapidly, and it sometimes becomes difficult to adhere to all the security best practices in such an environment. Azure Security Center can assess workloads for security compliance and identify other complex security threats. It also provides recommendations that can be implemented to improve the security of resources.
- Azure Key Vault: Key Vault provides a central tool to store and manage keys, secrets, certificates, tokens and passwords, with features to easily manage access to them. It provides the option to protect secrets either in software or with specialized hardware called Hardware Security Modules (HSMs). Azure Key Vault does not allow Microsoft to see or extract any data managed through it.
- Azure Monitor Logs: This is a log data platform that collects activity logs and monitoring data, which can be further analyzed to identify gaps in security across multiple resources on Azure.
- Azure Sentinel: This is a security information and event management (SIEM) solution hosted on the Azure cloud. Using Azure Sentinel, administrators can collect data on all users, devices, applications and infrastructure. Azure Sentinel uses artificial intelligence to hunt for threats and detect suspicious activity. It comes with built-in connectors for multiple Microsoft services such as Microsoft Threat Protection, Microsoft 365, Azure AD etc. Azure Sentinel also comes loaded with hunting, search and query tools for actively hunting threats even before any alerts are generated.