How to Secure Microsoft Azure

Microsoft systems have some very powerful security features, but all the tools in the world aren’t going to do us any good if we don’t know how to use them effectively. Here are some best practices for securing Microsoft Azure, protecting your employees and your business.

#1 – Azure Security Centre

  • Enable the monitoring agent function.
  • Set virtual machine security data collection by default.
  • Activate all recommended security settings as per your IT security policy, including encryption, software patches, compliance, etc. 
  • Keep in mind that security recommendations may change over time as new features are added or more diverse services are used, so review them every month.
  • If needed, upgrade from the basic security tier Azure offers to the standard tier, which offers threat detection (for SQL injection attacks and SQL injection vulnerabilities) on virtual machines and databases.
  • Ensure that security contact information is correct and up to date so that security alerts reach the right people.

#2 – Azure Active Directory

  • Make sure every user with an administrative role has a strong, complex password, and that multi-factor authentication is enabled. Password controls can be enabled using the password policy settings.
  • Custom roles should be audited to ensure permissions are limited to their specific role.
  • Do not allow guest users unless strictly necessary, and when you do, restrict them to specific permissions.

#3 – Networking

  • Restrict access to SSH and RDP (ports 22 and 3389) in Network Security Groups to reduce the possibility of brute force attacks.
  • Activate the SQL Server Firewall if you are running a Microsoft server.
  • Back this security layer up with operating system firewalls in case of an error.
  • Evaluate your infrastructure on a regular basis to check for network and host vulnerabilities.

#4 – Cloud Security

  • Store all data with full encryption, including secure transfer, blob encryption (sender side encryption), and file encryption.
  • Access keys (storage account keys) should be regularly refreshed to protect against compromise.
  • Set shared access signatures to expire in a short, limited time.

#5 – Activity Monitoring

  • Use the activity log to monitor for security events. Specifically focus on having alerts trigger for:
      • Creating or updating the security policy
      • Deleting firewall rules
      • Creating or updating firewall rules
      • Deleting, creating, or updating network security groups
