How does an enterprise looks like when you talk about security and cloud? Complicated, rigid and challenging to accept cloud based architectures.
After working closely with security teams from different companies I identified different approaches and requirements that are standard for enterprises. In this session I want to discuss and share with you lessons learned on how we can map security requirements to Azure.
22. VNET TO VNET CONNECTIVITY
Peering – Fast and
reliable
VPN Gateway –
More granular
control of what goes
in or out
Peering /
VPN
Gateway
23.
24. CENTRAL LOGGING DATA
Activity Logs
Azure Diagnostic Logs
AAD Reporting
VM and Cloud Services
Storage Analytics
Network Security Groups
Application Insights
Security Alert
Configurable, +180 days, 90
days
27. API AND INFRASTRUCTURE CHANGES
CLOUD SERVICE PROVIDER CAN MAKE CHANGES ONLY AFTER THE NATURE OF CHANGE IS
UNDERSTOOD AND A SECURITY ASSESSMENT IS DONE
YES
• Microsoft announce 12 months in advance any
breaking changes at API or functionality level
NO
• Infrastructure and services change are done on the
fly as long as the API or functionality is not altered