03-27-2020, 08:16 AM
Keeping cloud deployments secure during challenging times
<div style="margin: 5px 5% 10px 5%;"><img src="https://www.sickgaming.net/blog/wp-content/uploads/2020/03/keeping-cloud-deployments-secure-during-challenging-times.png" width="519" height="115" title="" alt="" /></div><div><p>As the world comes together to combat COVID-19, and remote work becomes a critical capability for many companies, customers have asked us how to best maintain the security posture of their cloud assets while enabling more remote workers to access them.</p>
<p>Misconfiguration of cloud security controls has been <a href="https://www.csoonline.com/article/3208905/top-cloud-security-controls-you-should-be-using.html" target="_blank" rel="noopener noreferrer">at the root</a> of several recent data breaches, so it’s extremely important to continue monitoring your security posture as usage of cloud assets increases.</p>
<p>To help you prioritize the actions that you need to take, we are listing three common scenarios for remote workers and how to leverage Azure Security Center security controls to prioritize relevant recommendations for these scenarios:</p>
<blockquote>
<p>1. As more users need to access resources remotely, you need to ensure that <a href="https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/untrusted-networks" target="_blank" rel="noopener noreferrer">Multi-Factor Authentication (MFA)</a> is enabled to enhance their identity protection.</p>
</blockquote>
<ul>
<li>Azure Security Center has a security control called Enable MFA, ideally you should remediate all recommendations that are part of this security control, as shown below:</li>
</ul>
<p><a href="https://azurecomcdn.azureedge.net/mediahandler/acomblog/media/Default/blog/5d16c70c-1df3-4a86-bc83-3ef777c79eea.png"><img alt="image" border="0" height="115" src="https://www.sickgaming.net/blog/wp-content/uploads/2020/03/keeping-cloud-deployments-secure-during-challenging-times.png" title="image" width="519"></a></p>
<blockquote>
<p>2. Some users might need remote access via RDP or SSH to servers that are in your Azure infrastructure.</p>
</blockquote>
<ul>
<li>Instead of allowing full 24 x 7 access to those servers, ensure that you are using <a href="https://docs.microsoft.com/en-us/azure/security-center/security-center-just-in-time" target="_blank" rel="noopener noreferrer">Just-In-Time (JIT) VM access to those servers</a>. Make sure to review the Secure management ports control in Azure Security Center and remediate the recommendations that are relevant for this scenario.</li>
</ul>
<p><a href="https://azurecomcdn.azureedge.net/mediahandler/acomblog/media/Default/blog/3db6890c-69bc-4d07-b330-5dedc45894b6.png"><img alt="image" border="0" height="106" src="https://www.sickgaming.net/blog/wp-content/uploads/2020/03/keeping-cloud-deployments-secure-during-challenging-times-1.png" title="image" width="537"></a></p>
<blockquote>
<p>3. Some of the workloads (servers, containers, databases) that will be accessed remotely by users might be missing critical security updates.</p>
</blockquote>
<ul>
<li>Review the Remediate vulnerabilities control in Azure Security Center to prioritize the updates that must be installed. Make sure to review the result of all recommendations in <a href="https://docs.microsoft.com/en-us/azure/security-center/built-in-vulnerability-assessment" target="_blank" rel="noopener noreferrer">built-in vulnerability assessment</a> and remediate those items.</li>
</ul>
<p><a href="https://azurecomcdn.azureedge.net/mediahandler/acomblog/media/Default/blog/e1c4a96a-2bf5-4c7e-ae7f-b0e9b0844060.png"><img alt="image" border="0" height="223" src="https://www.sickgaming.net/blog/wp-content/uploads/2020/03/keeping-cloud-deployments-secure-during-challenging-times-2.png" title="image" width="553"></a></p>
<p>Security posture management is an ongoing process. Review your <a href="https://docs.microsoft.com/en-us/azure/security-center/secure-score-security-controls" target="_blank" rel="noopener noreferrer">secure score</a> to understand your progress towards a fully compliant environment.</p>
<p>Users of Azure are likely just a portion of your user base. Below is additional guidance on enabling and securing remote work for the rest of your organization:</p>
</div>
https://www.sickgaming.net/blog/2020/03/...ing-times/
<div style="margin: 5px 5% 10px 5%;"><img src="https://www.sickgaming.net/blog/wp-content/uploads/2020/03/keeping-cloud-deployments-secure-during-challenging-times.png" width="519" height="115" title="" alt="" /></div><div><p>As the world comes together to combat COVID-19, and remote work becomes a critical capability for many companies, customers have asked us how to best maintain the security posture of their cloud assets while enabling more remote workers to access them.</p>
<p>Misconfiguration of cloud security controls has been <a href="https://www.csoonline.com/article/3208905/top-cloud-security-controls-you-should-be-using.html" target="_blank" rel="noopener noreferrer">at the root</a> of several recent data breaches, so it’s extremely important to continue monitoring your security posture as usage of cloud assets increases.</p>
<p>To help you prioritize the actions that you need to take, we are listing three common scenarios for remote workers and how to leverage Azure Security Center security controls to prioritize relevant recommendations for these scenarios:</p>
<blockquote>
<p>1. As more users need to access resources remotely, you need to ensure that <a href="https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/untrusted-networks" target="_blank" rel="noopener noreferrer">Multi-Factor Authentication (MFA)</a> is enabled to enhance their identity protection.</p>
</blockquote>
<ul>
<li>Azure Security Center has a security control called Enable MFA, ideally you should remediate all recommendations that are part of this security control, as shown below:</li>
</ul>
<p><a href="https://azurecomcdn.azureedge.net/mediahandler/acomblog/media/Default/blog/5d16c70c-1df3-4a86-bc83-3ef777c79eea.png"><img alt="image" border="0" height="115" src="https://www.sickgaming.net/blog/wp-content/uploads/2020/03/keeping-cloud-deployments-secure-during-challenging-times.png" title="image" width="519"></a></p>
<blockquote>
<p>2. Some users might need remote access via RDP or SSH to servers that are in your Azure infrastructure.</p>
</blockquote>
<ul>
<li>Instead of allowing full 24 x 7 access to those servers, ensure that you are using <a href="https://docs.microsoft.com/en-us/azure/security-center/security-center-just-in-time" target="_blank" rel="noopener noreferrer">Just-In-Time (JIT) VM access to those servers</a>. Make sure to review the Secure management ports control in Azure Security Center and remediate the recommendations that are relevant for this scenario.</li>
</ul>
<p><a href="https://azurecomcdn.azureedge.net/mediahandler/acomblog/media/Default/blog/3db6890c-69bc-4d07-b330-5dedc45894b6.png"><img alt="image" border="0" height="106" src="https://www.sickgaming.net/blog/wp-content/uploads/2020/03/keeping-cloud-deployments-secure-during-challenging-times-1.png" title="image" width="537"></a></p>
<blockquote>
<p>3. Some of the workloads (servers, containers, databases) that will be accessed remotely by users might be missing critical security updates.</p>
</blockquote>
<ul>
<li>Review the Remediate vulnerabilities control in Azure Security Center to prioritize the updates that must be installed. Make sure to review the result of all recommendations in <a href="https://docs.microsoft.com/en-us/azure/security-center/built-in-vulnerability-assessment" target="_blank" rel="noopener noreferrer">built-in vulnerability assessment</a> and remediate those items.</li>
</ul>
<p><a href="https://azurecomcdn.azureedge.net/mediahandler/acomblog/media/Default/blog/e1c4a96a-2bf5-4c7e-ae7f-b0e9b0844060.png"><img alt="image" border="0" height="223" src="https://www.sickgaming.net/blog/wp-content/uploads/2020/03/keeping-cloud-deployments-secure-during-challenging-times-2.png" title="image" width="553"></a></p>
<p>Security posture management is an ongoing process. Review your <a href="https://docs.microsoft.com/en-us/azure/security-center/secure-score-security-controls" target="_blank" rel="noopener noreferrer">secure score</a> to understand your progress towards a fully compliant environment.</p>
<p>Users of Azure are likely just a portion of your user base. Below is additional guidance on enabling and securing remote work for the rest of your organization:</p>
</div>
https://www.sickgaming.net/blog/2020/03/...ing-times/