Securing Azure VM - Checklist

Organization lean towards cloud is growing. Many enterprises are planning to fully deploy their infrastructure to the cloud. As an initial step they are embracing Software as a Service and extending their workload to the cloud, making it as a secondary site for compute and storage resources.

Creating resources in Azure is simple, will finishes within few clicks, however if we missed few steps or rule of thumbs on provisioning resources, it might leave a loop hole which could be easily exploited.

Below is the checklist for consideration to ensure that you have securely deployed your resources (VM) to Azure Cloud.
  • Network Setup

    • Is your network Isolated and breakdown into different zones? 
    • Do you need to stop different zones/subnets communicating with each other? 
    • Is Network Security Group applied? 
    • Can you justify the need of PublicIP?
    • How you are planning to RDP VM? 
    • Did you have list of endpoints of Azure VM to be provisioned?
    • Do you need all those endpoints?
    • How secure is your VPN connection to Azure?
  • Storage Setup

    • Make a choice of your Storage, Managed Storage is recommended.  
    • Do you have policy defined to change Storage Key frequency? 
  • Role Base Access Control 

    • Who has access to which Resources? 
    • Is there separation of duty? 
    • Does they need that level of Access? 
    • Is it based on absolute need?
    • Is any user is over privileged?
    • Are you following rule of least privilege? 
  • Diagnostic Setting 

    • Is logging required?  
    • Is retention period meet your business needs? 
  • Operational Management Suite (OMS)

    • Is  agent deployed?
    • Is your objectives clear? 
    • Do you regularly check it? 
    • Do you have response plan? 
  • Insight and Analytics 

    • Do you regularly analyze the usages pattern of  the resources? 
    • Is there any suspicious activities? 
  • Azure Logging and Auditing

    • Has logging been enabled? 
    • Do you get notification of changes about the resources? 
  • Threat Intelligence

    • Do you read the security alerts? 
    • How often you respond to those alerts? 
    • Golden rules : Identify - Isolate - Analyze - Respond 
  • Backup

    • Is data being backed up regularly? 
    • Does it meet your business needs?
    • Who has access to theses backup Storage Accounts?
    • How quickly you can restore them? 
    • Is it stored in an Isolated Environment? 
  • Encryption 

    • Is Data Encrypted ?
    • Is your VM Encrypted ? 

Comments

  1. Outstanding as well as powerful suggestion by the writer of this blog site are truly valuable to me. Sophos antivirus Brisbane

    ReplyDelete

Post a Comment

Popular posts from this blog

Deploy Palo Alto in Azure

Demystifying System and User Define Routes of Azure

Azure Private DNS Zone - App Service Environment V2 Step by step - Part 2