Skip to content

MCW Azure security, privacy, and compliance

License

CC-BY-4.0, MIT licenses found

Licenses found

CC-BY-4.0
LICENSE
MIT
LICENSE-CODE
Notifications You must be signed in to change notification settings

cheahengsoon/MCW-Azure-security-privacy-and-compliance

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

26 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Azure security, privacy, and compliance

Contoso Ltd is a multinational corporation, headquartered in the United States that provides insurance solutions worldwide. Its products include accident and health insurance, life insurance, travel, home, and auto coverage. Contoso manages data collection services by sending mobile agents directly to the insured to gather information as part of the data collection process for claims from an insured individual. These mobile agents are based all over the world and are residents of the region in which they work. Mobile agents are managed remotely through regional corporate offices.

They are exploring a lift and shift strategy to Azure, but have a large focus on Azure Security and Privacy features.

Target audience

  • Cloud Administrators
  • Cloud Architects
  • Security Analysts
  • Security Architects

Abstract

Workshop

This workshop will guide you through an implementation of Azure Security Center and Microsoft Compliance Manager tools to ensure a secured and privacy focused Azure cloud-based architecture.

Whiteboard design session

This whiteboard design session is designed to provide exposure to many of Microsoft Azure’s security features. The goal is to show an end-to-end solution, leveraging many of these technologies, but not necessarily doing work in every component possible.

Hands-on lab

In this hands-on lab, you will implement many of the Azure Security Center features to secure their cloud-based Azure infrastructure (IaaS) and applications (Paas). Specifically, you will ensure that any internet exposed resources have been property secured and any non-required internet access disabled. Additionally you will implement a “jump machine” for admins with Application Security enabled to prevent admins from installing non-approved software and potentially exposing cloud resources. You will then utilize custom alerts to monitor for TCP/IP Port Scans and then fire alerts and run books based on those attacks.

Azure services and related products

  • Azure Virtual Machines and Networks with Network Security Groups
  • Virtual Private Networks (Point to Point, Site to Site)
  • Azure Web Apps
  • Azure SQL DB and corresponding security features (Threat Detection, TDE, Column Level Encryption, etc.)
  • Azure Storage Encryption
  • SQL Server Virtual Machines
  • Azure IAM
  • Azure Monitor and Log Analytics
  • Power BI
  • Azure Security Center
  • Azure Key Vault Integrations
  • Microsoft Azure Active Directory
  • Microsoft Intune
  • Conditional Access controls

Azure solutions

Related References

About

MCW Azure security, privacy, and compliance

Resources

License

CC-BY-4.0, MIT licenses found

Licenses found

CC-BY-4.0
LICENSE
MIT
LICENSE-CODE

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published