A Look at Azure Security Center



Looking for something specific?

You can’t be too careful with the cloud. More enterprises are using cloud and hybrid environments for their organizational workloads. Microsoft Azure is a major player in this trend. In an assessment of cloud platforms and services provided by iDataLabs, Azure holds over 19% of the market share, the second biggest slice of the pie. This industry trend means more companies need to be prepared for cloud level security. Microsoft offers an in-house security solution in the form of Azure’s Security Center that is convenient and powerful. We want to talk briefly about what it does, and some new and exciting enhancements that have increased its scope as an organizational security tool.

What is Security Center?

This is Microsoft’s unified security solution that provides a platform for protocol deployment, monitoring and prevention. The service is available to Azure subscription users as a free extension or as an additional fee (Standard subscription). The free version covers your Azure cloud. But if you use hybrid environments and additional platforms, the Standard subscription allows you to deploy Security Center across your whole system.

Intelligent and Adaptive – Azure Security Center sets itself apart from other security protocols with its adaptive analytics. Using machine learning and security analytics, the service monitors data and users for enhanced threat detection and prevention. It can learn from your patterns to recommend which apps to whitelist. Recent enhancements have extended the file type library (MSIs and Scripts) and added Virtual Machine grouping based on which applications are contained in each VM. These enhancements make the feature more accurate and easier for you.

New Overview Dashboard – Microsoft recently announced the release of a new interactive dashboard for Azure Security Center. This provides increased levels of visibility, control and monitoring. Previous versions showed security per subscription. This has been broadened to allow visibility at the organizational level.

• Management Groups - With the creation of management groups you can have better control over your security policies. In the dashboard you can create management group security policies for better organizational compliance.
• Compliance Scores - You can now view your organization’s compliance level with compliance scores broken down into tiers. An organizational compliance score gives you a broad overview. Additional scores for each subscription and management group provide a more detailed look.

Just In Time Virtual Machine Access – When your management ports are open, your Virtual Machines (VMs) are more vulnerable to attack. These ports do not need to be open all the time. You only need them for when you need to do maintenance or management. With Just In Time, your ports are locked down to incoming traffic except when specified by an authorized user. The user request is authenticated, and then the ports are open for a set amount of time. After that, they are automatically closed again. This is a great tool to implement against brute force attacks.

Unified Security Protocols – Microsoft knows that your data platform designs are not one-size fits all. Every organization designs their own unique architecture to work best. Many times, this involves a hybrid of on-premises and cloud solutions. Azure Security Center can protect a wide range of solutions so that you can have one umbrella of unified coverage.

Integrated Security – With Security Center you can continue to use trusted solutions. Many third-party security applications can be run with Security Center as partner solutions. The additional data is integrated into the health assessments to provide the most comprehensive overview. Some solutions can even be managed through security center. This provides a truly unified security experience.

If you are using Microsoft Azure, we highly recommend exploring how Security Center can improve your security and compliance. To learn more about how Dobler Consulting can help improve your security visit www.doblerconsulting.com or call us at +1 (813) 322-3240 (US) /+1 (416) 646-0651 (Canada).