Disabling Server Message Block Version 1 (SMB v1) in Azure

Microsoft has always considered security to be priority #1. Whether it be in the cloud, on-premises, or across hybrid deployments, security is part of our DNA and we do whatever we can to help protect our customers and our platform. This is especially true when it comes to the Azure public cloud, where Microsoft has…


Microsoft Encryption of Data-at-Rest White Paper

There are essentially 3 types of encryption you want to think about when working with a cloud service provider: Encryption at Rest Encryption in Flight (network encryption) Encryption in processing (application data encryption) Encryption at rest is about protecting data on disk. You need to make sure that an attacker who might to acquire a…


Deprecating Azure disk encryption preview extension for Linux IaaS VMs

The Azure Disk Encryption engineering team has deprecated the Linux security extension  “Microsoft.OSTCExtension.AzureDiskEncryptionForLinux”. This extension was published for Azure disk encryption preview release. You should not use the preview version of the extension in your testing or production deployment. For deployment scenarios like Azure Resource Manager (ARM), where you have a need to deploy Azure…


Azure Network Security Whitepaper/Article Released

One of the biggest challenges we have when learning about a new cloud service provider is trying to figure out what that provider has. In fact, it’s hard even if you’re already using that cloud service provider! For example, “what does Azure have that’s related to my network security concerns?” The answers would come pretty…


Azure Logging and Auditing–Turn Chaos into Order

Azure is a big thing – so big that a lot of you tell me it’s hard to keep up. But you’re also IT pro’s, you’re used to learning new things – IT definitely isn’t the profession you chose to not learn new things. Indeed – this is the life we’ve chosen. And that’s a…


New Azure Security Whitepapers–A Security Bonanza!

They’ve been a long time coming – the Azure Security White Paper collection. This isn’t just a white paper or two. This isn’t marketing stuff and fluff. This isn’t just click-this and click-that. This is the real deal – information you can use to understand what Azure has to offer when it comes to security….


Azure TLS Certificate Changes

We know security is a top priority for you, and so is uptime of your applications. To give you additional assurance of the authenticity of Azure services, most Azure services get their SSL/TLS certificates from a known set of intermediate certificate authorities (CAs) that Microsoft operates. Microsoft publishes details of these CAs in its Certificate…


Azure Security Center Dashboard Updated

Good news on the Azure Security Center front! We’ve refreshed the dashboard to make it easier for you to: Identify new issues with your Azure Virtual Machines and PaaS services Find those issues easily using the New alerts & incidents tile Get to work fast with the ROI on investigations by using the Most attacked…


Security Update Guide ushers in a new era of Microsoft updates

What do you think is the most important thing you can do to help secure both your client and server deployments? If you said, “apply security updates as soon as possible” – then you guessed right. Updating your applications, operating systems and firmware must be job one. Play fast and loose with updates, and it…