Cloud Security

With the maturity of cloud, usages of the Cloud Computing is rocketing as they are offering enrich services at affordable price. It's normal that an organization having multiple subscriptions and multiple users' managing it. Azure logs every user's activities that are performed against its resources including the action performed by pre-defined code using Runbook. What so ever the error collection domain the Microsoft gives, I prefer to group this into two. Logs auto-generated by System/Application or User Activates Log, which will trigger the previous logs. In this blog, I will discuss how user activities can be traced down to the various events so that anomalies (defined by the organizational norms) can be detected. User Login User's identity could be cloud only, federated or hybrid. Depending on their identity model, Azure Active directory will handle the authentication or will forward to the identity handler. For example, if ADFS is in place, then it will re

"Identity revolves around who am I ? and how can I prove that I am the one who is claiming to be."  Proving absolute need of access to the right people is key to success for every organization. Due to the growth of modern workspace and social life, identity management has become more challenging. Every day we deal with multiple identities within a corporate setting and forgetting identities of least recently used has become common. Thanks to "Forget Passport" - Self Service Password Reset features.   To deal with this situation Microsoft usages its most powerful tools Active Directory - Single Source of Authority for on-premises domain user's and applications, known as On-Premises Identity , Azure Active Directory - Cloud Identity for all cloud-based application and resources and Hybrid Identities - which extends on-premises identities to the Azure Active Directory so that existing users can access cloud-based application using their identities. It enables