Today I’m very happy to announce a new industry vertical white paper related to Azure Security.
The name of the white paper is A Practical Guide to Designing Secure Health Solutions Using Microsoft Azure. In it you’ll receive guidance around considerations you need to make regarding the secure use and implementation Azure cloud technology.
These considerations center around:
- Risk management
- Shared responsibility
- Establishing an information security management system
- Understanding industry and local regulations
- Establishing standard operating procedures
The paper also outlines and provides recommendations targeted at 13 security principles that are aligned to both a standard information security management standard (such as ISO 27001) and standard development processes (such as Microsoft’s Security Development Lifecycle [SDL]). You’ll also get a practical view of the key principles by applying them in a “lift and shift” healthcare-based case study.
The table of contents includes:
Compliance and Security Methodology
Standard Operating Procedures
Incorporating Regulatory Considerations – Health Industry
Key Principles and Recommendations for Secure Development and Operations
1. Enable identity and authentication solutions
2. Use appropriate access controls
3. Use industry-recommended, enterprise-wide antimalware solution
4. Effective certificate acquisition and management
5. Encrypt all customer data
6. Penetration testing
7. Threat modeling services and applications
8. Log security events, implement monitoring and visualization capabilities
9. Determine the root cause of incidents
10. Train all staff in cyber security
11. Patch all systems and ensure security updates are deployed
12. Keep service and server inventory current and up-to-date
13. Maintain clear server configuration with security in mind
Applying Key Principles in Use Case of Lift and Shift | Implementation of a Healthcare Application
We all had a great time putting this paper together for you and hope that you’ll find some valuable information inside. Please let us know if there’s anything in the paper that we can elaborate on, or if you have some suggestions for additional content. Just put a comment below and we’ll quickly address your response.