Cross-Posting: Multi-factor Authentication Cloud Security Controls

Good afternoon community: Here is the next cross-positing of Tim Rain’s blog from the cloud security controls series on multi-factor authentication. This particular posting is very valuable in the value and implementation of multi-factor authentication for your assets and applications in the cloud.   We look forward to your comments and feedback on what you would like…

0

Certificate Management in Azure: Do’s and Don’ts

This post comes from Avi Ben-Menahem, a Principal Security Program Manager in the Azure Security engineering team. There are multiple services that require credentials for secure access or data protection as part of service development and operations in Azure. Some of the most immediate examples include SSL (ok, actually TLS, but we’ll refer to it…

0

Cross posting: Azure Active Directory’s Access and Usage Reports

Good morning community: I thought I would share a good cross-positing of Tim Rain’s blog on Azure Active Directory’s Access and Usage Reports. It is a part of a new cloud security control series and very tightly tied in the Azure Security controls and operations discussed and shared in this blog. Stay tuned, there is…

0

Best Practices to protect your Azure deployment against “cloud drive-by” attacks

As a follow-up to David Cross‘s “Cloud Security as a Shared Responsibility” blog, I’d like to share the perspective of the Microsoft Security Response Center (MSRC). The MSRC executes security response activities for threats that target Azure’s internal infrastructure and customer deployments. This experience provides a unique perspective on how cloud providers and customers are…


Azure Active Directory Audit logs

This post comes from Namgyal Dolker, a senior security program manager in the Azure Security engineering team. One of the primary concerns from customers is the sense of losing the visibility into what is happening in their cloud service.  They want to understand how to perform many of the same actions and activities In the…

1

Cloud Security as a Shared Responsibility

I thought it would be valuable to start a series of conversations on how Microsoft thinks, acts and enables cloud infrastructure security from an Azure perspective.  Cloud security is a shared responsibility between Microsoft and all our tenants.  We (Azure) protect the infrastructure, we detect fraud and abuse and we respond to incidents by notifying…

1

Building Cloud Trust

A few weeks ago, Vijay Kumar and I delivered a session at the RSA Conference in San Francisco where we discussed how you can trust a cloud provider.  As we discussed in our session using the Microsoft cloud as an example, trust is perhaps one of the most fundamental aspects people need and seek out when they…

0

How to Collect and Analyze Azure Security Logs

Approximately 2 months ago, Mahesh Nayak, a Senior Program Manager in the Azure security team published whitepaper titled Microsoft Azure Security and Audit Log Management. This has been a very popular topic for many customers who have recently moved to Azure and are looking to collect and analyze the security logs for their cloud based…

0

Azure Disk Encryption Management for Windows and Linux Virtual Machines

  CLICK HERE TO SEE THE MOST RECENT POST ON AZURE DISK ENCRYPTION Also check out cool Azure Disk Encryption PowerShell tutorials! Explore Azure Disk Encryption with Azure Powershell Explore Azure Disk Encryption with Azure PowerShell – Part 2 ====================================================== This post comes from Devendra Tiwari, a senior security program manager in the Azure Security…

5

Barracuda WAF Video clips on how to protect Applications moving to Azure

Editor’s Note: This post comes from Mark Perry, Worldwide Technical Lead, Cloud Infrastructure & Security, Office of the CTO, EPG Cloud + Enterprise As customers look to move applications and data centers to the cloud, they often look to bring certain best practices along with them. Security teams have a set of best practices for…