Microsoft IT (known to many as MSIT) uses Azure Security Center to help secure Microsoft corporate assets.
MSIT uses Azure Security Center to assess their overall security ecosystem, improve the security knowledge of their internal teams, discover new threats and of course, get security alerts to inform them of possible security issues.
If you’re an enterprise organization, you’ve probably already gone through Getting Started with Azure Security Center – you might have gone through our Azure Security Center Planning and Operations Guide as well. Those are great starts, and if you haven’t read those docs, make sure to do so.
But once you’ve completed your testing and decided that Azure Security Center is a good solution for you, the next steps need to be considered from an enterprise perspective.
That enterprise perspective includes making sure that you set up Azure Security Center consistently and that it can scale to your complex environment.
You’ll need to make complex operational decisions such as:
- What Security Policies will you configure in Azure Security Center and how will you send them up consistently?
- How to set up the storage accounts, including considerations regarding the locations of these accounts?
- How to figure in the storage costs for Azure Security Center data
- If you decide to deploy a partner solution, such as an web application firewall from within Azure Security Center, which one should you use?
- How to route information from Azure Security Center to your on-premises SIEM using Azure Log Integration?
These are just a few considerations and decisions you’ll need to make as an enterprise IT Azure Security Center shop. To learn more about how Microsoft IT uses Azure Security Center, read the article Take Control of Cloud Security with Azure Security Center.