
How to build a roadmap for improved Azure cloud security.

Posted 20 March 2022 by Laura

So, you've taken the plunge and migrated to Azure. We hope you're already benefitting from increased agility, productivity and innovation. And yes, Azure is great for security, too. That said, there are things you can do to make your cloud security better — bulletproof, even.

A roadmap to improved Azure cloud security is the first step, and we're going to tell you how to build it.

1. Control user access
You might have tricked out your network with the latest security software. But if you're playing fast and loose with permissions, you're still vulnerable.

Protect your data and applications by implementing access policies. That way, only authorised users signing in from trusted devices and networks can get in.

2. Update your architecture
If you're still using the castle-and-moat cybersecurity model, you're giving users free rein every time you lower your drawbridge.

Think about updating your architecture (and your security analogy) with Hub-Spoke network topology in Azure. Then, you can install a next-gen firewall to inspect, analyse and control network traffic in real time.

This means you'll be able to isolate a breach in its own little pod — kind of like a dungeon, only space age.

3. Plan ahead
You've detected a threat within your network. What will you do? If you create a cybersecurity plan, you'll already know the answer. Here are some things to consider when developing it:
• Staff training
• Network and device encryption
• Identity and Access Management (IAM)
• Security software
• Disaster recovery
• A good firewall

4. Manage and mask identities
Much like Azure itself, the services and applications within it can be made private. There are a couple of ways to do this:

Managed Identity
A managed identity enables your app or service to connect to Azure resources. And it does so securely, without users needing access to credentials, or developers having to continually update them.

Obfuscation
It's a big word, and we're not afraid to use it. When applications have no need for human intervention, you can obfuscate the identity of the processes so they are harder to recognise and compromise.

5. Automate your steps
Azure Sentinel is a Security Information and Event Management (SIEM) service that collects and analyses activity from across your infrastructure. This allows you to identify, investigate and remediate threats quickly.

But perhaps best of all, you can create runbooks. This means you can automate steps like data enrichment and threat containment, which speeds up incident response.

6. Set out a honeypot
Create a resource that looks tasty enough to lure hackers in, but is actually of no value.

This will allow you to:
• identify how the hacker gained access.
• analyse what the damage would be in a real-world situation.
• enact that cybersecurity plan we mentioned earlier.

All of this will provide insights into how an actual threat actor behaves, and what you could do better.
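
Because a decoy has no legitimate use, any log entry that touches it is worth an alert. The sketch below is an added example, not part of the original post: it pulls the full timeline of every identity that touched a decoy, which is the starting point for working out how they got in. The decoy resource ID, the record fields (a simplified, assumed subset of an Azure Activity Log export) and the sample events are all constructed.

```python
import json

# Assumption: lower-cased resource IDs of the decoys you deployed (constructed placeholder).
DECOYS = {"/subscriptions/0000/resourcegroups/rg-finance/providers/microsoft.storage/storageaccounts/payrollbackup"}

# Constructed sample records, one JSON object per line, deliberately out of time order.
SAMPLE_LOG = """\
{"time": "2022-03-01T09:31:00Z", "caller": "svc-reporting", "callerIpAddress": "203.0.113.7", "operationName": "Microsoft.Storage/storageAccounts/blobServices/containers/read", "resourceId": "/subscriptions/0000/resourceGroups/rg-finance/providers/Microsoft.Storage/storageAccounts/payrollbackup/blobServices/default"}
{"time": "2022-03-01T09:00:00Z", "caller": "app-deploy", "callerIpAddress": "10.0.1.4", "operationName": "Microsoft.Storage/storageAccounts/write", "resourceId": "/subscriptions/0000/resourceGroups/rg-web/providers/Microsoft.Storage/storageAccounts/webassets"}
{"time": "2022-03-01T09:12:00Z", "caller": "svc-reporting", "callerIpAddress": "203.0.113.7", "operationName": "Microsoft.Storage/storageAccounts/read", "resourceId": "/subscriptions/0000/resourceGroups/rg-web/providers/Microsoft.Storage/storageAccounts/webassets"}
{"time": "2022-03-01T09:30:00Z", "caller": "svc-reporting", "callerIpAddress": "203.0.113.7", "operationName": "Microsoft.Storage/storageAccounts/listKeys/action", "resourceId": "/subscriptions/0000/resourceGroups/rg-finance/providers/Microsoft.Storage/storageAccounts/payrollbackup"}
"""

def touches_decoy(resource_id):
    # Azure resource IDs are case-insensitive; child resources share the parent's prefix.
    rid = resource_id.lower().rstrip("/")
    return any(rid == d or rid.startswith(d + "/") for d in DECOYS)

def parse(log_text):
    events = []
    for line in log_text.splitlines():
        try:
            event = json.loads(line)
        except json.JSONDecodeError:
            continue  # skip blank or malformed lines rather than abort the review
        if isinstance(event, dict):
            events.append(event)
    return events

def decoy_timelines(log_text):
    """For each caller that touched a decoy, return all of that caller's events, oldest first."""
    events = parse(log_text)
    suspects = {e.get("caller") for e in events if touches_decoy(e.get("resourceId", ""))}
    timelines = {s: [] for s in suspects}
    # Timestamps in one ISO 8601 format sort correctly as plain strings.
    for e in sorted(events, key=lambda e: e.get("time", "")):
        if e.get("caller") in suspects:
            timelines[e["caller"]].append(
                (e.get("time"), e.get("callerIpAddress"), e.get("operationName"),
                 touches_decoy(e.get("resourceId", ""))))
    return timelines

if __name__ == "__main__":
    for caller, rows in decoy_timelines(SAMPLE_LOG).items():
        print(caller)
        for when, ip, op, is_decoy in rows:
            print("  ", when, ip, op, "<- DECOY" if is_decoy else "")
```

The events before the first decoy hit show what that identity was doing beforehand, and the source IP and operation names feed straight into the cybersecurity plan from step 3.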

7. Benchmark your security
Azure Security Benchmark (ASB) helps you improve the security of your data, workloads, and services in Azure. And because it's consistent with well-known frameworks, like those from the Center for Internet Security, you can rely on its recommendations being best practice. That's true even if you're working in a heavily regulated industry.

More agility, better cloud security
You might have moved to the cloud to improve the way you work. But it can make your business more secure, too, as long as you know how. By building a roadmap to improve your Azure cloud security, you can reap the rewards and avoid the risks.

If you need help on your journey, we're here for you. You might also find the Azured Guide to Cloud Identity and Access Management a useful little read.