SlideShare una empresa de Scribd logo
1 de 12
Descargar para leer sin conexión
Azure Security Fundamentals
Built-in Partner
Controls
Unique Intelligence
Unique Intelligence
Built in + Partner
Controls
Two-factor
authentication
with biometrics
Employee &
contractor vetting
Metal
detectors
Video coverage
rack front & back
Inability to identify
location of specific
customer data
Secure
destruction bins
Ongoing
roaming patrols
Video
coverage
Ongoing
roaming patrols
Front
entrance gate
1 defined
access point
Video
coverage
Perimeter
fencing
Two-factor
authentication
with biometrics
Video
coverage
No building
signage
24x7x365
security operations
Verified single
person entry
Ongoing
roaming patrols
Background
check
System
check
Access
approval
Perimeter
Building
Server
environment
Physical datacenter security
Protect customer data
Data, network segregation. DDoS
protection at the edge. Platform
segregation. Confidential computing.
Secure hardware
Custom-built hardware with
integrated security and attestation
Continuous testing
War game exercises by Microsoft
teams, vulnerability scanning &
continuous monitoring
CUSTOMER 2CUSTOMER 1
Secure foundation
Protection at the edge
• OneDDoS protects the edge with Cloud scale filtering and
DDoS mitigation
• Edge layer protections screen unwanted traffic
• Encryption for data in transit
• Global Load Balancing improves resilience
IP and Isolation Controls
• Traffic between regions encrypted by default
• IP and protocol controls for endpoints
• Traffic isolation via site to site VPN or Azure ExpressRoute
Infrastructure security
Azure
Virtual Network
Isolation
Endpoint
Restrictions
OneDDoS
No standing access to production servers
and services. Just In Time Elevation
required.
Multi-factor authentication required for
admin actions
“Secure Workstations” required to access
production
Access requests are audited, logged and
monitored
Operational Security
Built-in Partner
Controls
Unique Intelligence
Unique Intelligence
VIRTUAL MACHINES APPLICATIONS STORAGE & DATABASES
Built-in Controls | Data protection
Enable built-in encryption across resources
Azure Storage Service Encryption
Azure Disk Encryption
SQL TDE/Always Encrypted
Encrypt data while in use
Azure confidential computing
Use delegated access to storage objects
Shared Access Signature enables more granular access control
Use a key management system
Keep keys in a hardware HSM/don’t store key in apps/GitHub
Use one Key Vault per security boundary/per app/per region
Monitor/audit key usage-pipe information into SIEM for
analysis/threat detection
Use Key Vault to enroll and automatically renew certificates
Azure Security Center
with advanced analytics for threat detection
Virtual
machines Applications
Storage
& databases Network
Built-in Controls | Threat protection
Mitigate potential vulnerabilities proactively
Ensure up to date VMs with relevant security patches
Enable host anti-malware
Reduce surface area of attack
Enable just in time access to management ports
Configure Application Whitelisting to prevent
malware execution
Detect threats early and respond faster
Use actionable alerts and incidents
Interactive investigation tool and playbooks to
orchestrate responses
Azure Security Fundamentals
threats detected/monthBuilt-in Partner
Controls
Unique Intelligence
Built-in Partner
Controls
Azure Security Fundamentals

Más contenido relacionado

La actualidad más candente

Azure security and Compliance
Azure security and ComplianceAzure security and Compliance
Azure security and ComplianceKarina Matos
 
Azure Security and Management
Azure Security and ManagementAzure Security and Management
Azure Security and ManagementAllen Brokken
 
Introduction to Microsoft Azure
Introduction to Microsoft AzureIntroduction to Microsoft Azure
Introduction to Microsoft AzureKasun Kodagoda
 
Introduction to Azure
Introduction to AzureIntroduction to Azure
Introduction to AzureRobert Crane
 
Introduction to Azure Sentinel
Introduction to Azure SentinelIntroduction to Azure Sentinel
Introduction to Azure Sentinelarnaudlh
 
Power of the cloud - Introduction to azure security
Power of the cloud - Introduction to azure securityPower of the cloud - Introduction to azure security
Power of the cloud - Introduction to azure securityBruno Capuano
 
Azure AD Presentation - @ BITPro - Ajay
Azure AD Presentation - @ BITPro - AjayAzure AD Presentation - @ BITPro - Ajay
Azure AD Presentation - @ BITPro - AjayAnoop Nair
 
Azure Active Directory - An Introduction
Azure Active Directory  - An IntroductionAzure Active Directory  - An Introduction
Azure Active Directory - An IntroductionVenkatesh Narayanan
 
Azure security architecture
Azure security architectureAzure security architecture
Azure security architectureKarl Ots
 
Azure key vault
Azure key vaultAzure key vault
Azure key vaultRahul Nath
 
Microsoft Defender and Azure Sentinel
Microsoft Defender and Azure SentinelMicrosoft Defender and Azure Sentinel
Microsoft Defender and Azure SentinelDavid J Rosenthal
 
CAF presentation 09 16-2020
CAF presentation 09 16-2020CAF presentation 09 16-2020
CAF presentation 09 16-2020Michael Nichols
 
Microsoft Azure Active Directory
Microsoft Azure Active DirectoryMicrosoft Azure Active Directory
Microsoft Azure Active DirectoryDavid J Rosenthal
 
Azure DDoS Protection Standard
Azure DDoS Protection StandardAzure DDoS Protection Standard
Azure DDoS Protection Standardarnaudlh
 
Microsoft Azure - Introduction
Microsoft Azure - IntroductionMicrosoft Azure - Introduction
Microsoft Azure - IntroductionPranav Ainavolu
 

La actualidad más candente (20)

Azure security and Compliance
Azure security and ComplianceAzure security and Compliance
Azure security and Compliance
 
Azure Security and Management
Azure Security and ManagementAzure Security and Management
Azure Security and Management
 
Azure migration
Azure migrationAzure migration
Azure migration
 
Introduction to Microsoft Azure
Introduction to Microsoft AzureIntroduction to Microsoft Azure
Introduction to Microsoft Azure
 
Azure fundamentals
Azure fundamentalsAzure fundamentals
Azure fundamentals
 
Introduction to Azure
Introduction to AzureIntroduction to Azure
Introduction to Azure
 
Introduction to Azure Sentinel
Introduction to Azure SentinelIntroduction to Azure Sentinel
Introduction to Azure Sentinel
 
Power of the cloud - Introduction to azure security
Power of the cloud - Introduction to azure securityPower of the cloud - Introduction to azure security
Power of the cloud - Introduction to azure security
 
Azure AD Presentation - @ BITPro - Ajay
Azure AD Presentation - @ BITPro - AjayAzure AD Presentation - @ BITPro - Ajay
Azure AD Presentation - @ BITPro - Ajay
 
Azure Active Directory - An Introduction
Azure Active Directory  - An IntroductionAzure Active Directory  - An Introduction
Azure Active Directory - An Introduction
 
Azure 101
Azure 101Azure 101
Azure 101
 
Azure security architecture
Azure security architectureAzure security architecture
Azure security architecture
 
Understanding Azure AD
Understanding Azure ADUnderstanding Azure AD
Understanding Azure AD
 
Azure key vault
Azure key vaultAzure key vault
Azure key vault
 
Microsoft Defender and Azure Sentinel
Microsoft Defender and Azure SentinelMicrosoft Defender and Azure Sentinel
Microsoft Defender and Azure Sentinel
 
Azure governance
Azure governanceAzure governance
Azure governance
 
CAF presentation 09 16-2020
CAF presentation 09 16-2020CAF presentation 09 16-2020
CAF presentation 09 16-2020
 
Microsoft Azure Active Directory
Microsoft Azure Active DirectoryMicrosoft Azure Active Directory
Microsoft Azure Active Directory
 
Azure DDoS Protection Standard
Azure DDoS Protection StandardAzure DDoS Protection Standard
Azure DDoS Protection Standard
 
Microsoft Azure - Introduction
Microsoft Azure - IntroductionMicrosoft Azure - Introduction
Microsoft Azure - Introduction
 

Similar a Azure Security Fundamentals

Cortana Analytics Workshop: Cortana Analytics -- Security, Privacy & Compliance
Cortana Analytics Workshop: Cortana Analytics -- Security, Privacy & ComplianceCortana Analytics Workshop: Cortana Analytics -- Security, Privacy & Compliance
Cortana Analytics Workshop: Cortana Analytics -- Security, Privacy & ComplianceMSAdvAnalytics
 
How to Meet Strict Security & Compliance Requirements in the Cloud (SEC208) |...
How to Meet Strict Security & Compliance Requirements in the Cloud (SEC208) |...How to Meet Strict Security & Compliance Requirements in the Cloud (SEC208) |...
How to Meet Strict Security & Compliance Requirements in the Cloud (SEC208) |...Amazon Web Services
 
00. introduction to app sec v3
00. introduction to app sec v300. introduction to app sec v3
00. introduction to app sec v3Eoin Keary
 
Eximbank security presentation
Eximbank security presentationEximbank security presentation
Eximbank security presentationlaonap166
 
CSS17: Houston - Azure Shared Security Model Overview
CSS17: Houston - Azure Shared Security Model OverviewCSS17: Houston - Azure Shared Security Model Overview
CSS17: Houston - Azure Shared Security Model OverviewAlert Logic
 
Security As A Service
Security As A ServiceSecurity As A Service
Security As A ServiceOlav Tvedt
 
[Toroman/Kranjac] Red Team vs. Blue Team in Microsoft Cloud
[Toroman/Kranjac] Red Team vs. Blue Team in Microsoft Cloud[Toroman/Kranjac] Red Team vs. Blue Team in Microsoft Cloud
[Toroman/Kranjac] Red Team vs. Blue Team in Microsoft CloudEuropean Collaboration Summit
 
ESET: #DoMore With Our Comprehensive Range of Business Products
ESET: #DoMore With Our Comprehensive Range of Business ProductsESET: #DoMore With Our Comprehensive Range of Business Products
ESET: #DoMore With Our Comprehensive Range of Business ProductsESET
 
BRK2122 IOT - From the cloud to the edge
BRK2122 IOT - From the cloud to the edgeBRK2122 IOT - From the cloud to the edge
BRK2122 IOT - From the cloud to the edgeAxel Dittmann
 
Importance of Identity Management in Security - Microsoft Tech Tour @Towson
Importance of Identity Management in Security - Microsoft Tech Tour @TowsonImportance of Identity Management in Security - Microsoft Tech Tour @Towson
Importance of Identity Management in Security - Microsoft Tech Tour @TowsonAdam Levithan
 
Global Azure Bootcamp 2018 - Azure Security Center
Global Azure Bootcamp 2018 - Azure Security CenterGlobal Azure Bootcamp 2018 - Azure Security Center
Global Azure Bootcamp 2018 - Azure Security CenterScott Hoag
 
366864108 azure-security
366864108 azure-security366864108 azure-security
366864108 azure-securityober64
 
Daniel Grabski | Microsofts cybersecurity story
Daniel Grabski | Microsofts cybersecurity storyDaniel Grabski | Microsofts cybersecurity story
Daniel Grabski | Microsofts cybersecurity storyMicrosoft Österreich
 
Best Practices in Cloud Security
Best Practices in Cloud SecurityBest Practices in Cloud Security
Best Practices in Cloud SecurityAlert Logic
 
Removing Security Roadblocks to IoT Deployment Success
Removing Security Roadblocks to IoT Deployment SuccessRemoving Security Roadblocks to IoT Deployment Success
Removing Security Roadblocks to IoT Deployment SuccessMicrosoft Tech Community
 
Primend praktiline konverents - Office 365 turvalisus
Primend praktiline konverents - Office 365 turvalisusPrimend praktiline konverents - Office 365 turvalisus
Primend praktiline konverents - Office 365 turvalisusPrimend
 
BIG IRON, BIG RISK? SECURING THE MAINFRAME - #MFSummit2017
BIG IRON, BIG RISK? SECURING THE MAINFRAME - #MFSummit2017BIG IRON, BIG RISK? SECURING THE MAINFRAME - #MFSummit2017
BIG IRON, BIG RISK? SECURING THE MAINFRAME - #MFSummit2017Micro Focus
 
Contextual Security and Application Control for Virtualized Desktops
Contextual Security and Application Control for Virtualized DesktopsContextual Security and Application Control for Virtualized Desktops
Contextual Security and Application Control for Virtualized DesktopsIvanti
 
microsoft-cybersecurity-reference-architectures (1).pptx
microsoft-cybersecurity-reference-architectures (1).pptxmicrosoft-cybersecurity-reference-architectures (1).pptx
microsoft-cybersecurity-reference-architectures (1).pptxGenericName6
 
Io t security and azure sphere
Io t security and azure sphereIo t security and azure sphere
Io t security and azure spherePushkar Saraf
 

Similar a Azure Security Fundamentals (20)

Cortana Analytics Workshop: Cortana Analytics -- Security, Privacy & Compliance
Cortana Analytics Workshop: Cortana Analytics -- Security, Privacy & ComplianceCortana Analytics Workshop: Cortana Analytics -- Security, Privacy & Compliance
Cortana Analytics Workshop: Cortana Analytics -- Security, Privacy & Compliance
 
How to Meet Strict Security & Compliance Requirements in the Cloud (SEC208) |...
How to Meet Strict Security & Compliance Requirements in the Cloud (SEC208) |...How to Meet Strict Security & Compliance Requirements in the Cloud (SEC208) |...
How to Meet Strict Security & Compliance Requirements in the Cloud (SEC208) |...
 
00. introduction to app sec v3
00. introduction to app sec v300. introduction to app sec v3
00. introduction to app sec v3
 
Eximbank security presentation
Eximbank security presentationEximbank security presentation
Eximbank security presentation
 
CSS17: Houston - Azure Shared Security Model Overview
CSS17: Houston - Azure Shared Security Model OverviewCSS17: Houston - Azure Shared Security Model Overview
CSS17: Houston - Azure Shared Security Model Overview
 
Security As A Service
Security As A ServiceSecurity As A Service
Security As A Service
 
[Toroman/Kranjac] Red Team vs. Blue Team in Microsoft Cloud
[Toroman/Kranjac] Red Team vs. Blue Team in Microsoft Cloud[Toroman/Kranjac] Red Team vs. Blue Team in Microsoft Cloud
[Toroman/Kranjac] Red Team vs. Blue Team in Microsoft Cloud
 
ESET: #DoMore With Our Comprehensive Range of Business Products
ESET: #DoMore With Our Comprehensive Range of Business ProductsESET: #DoMore With Our Comprehensive Range of Business Products
ESET: #DoMore With Our Comprehensive Range of Business Products
 
BRK2122 IOT - From the cloud to the edge
BRK2122 IOT - From the cloud to the edgeBRK2122 IOT - From the cloud to the edge
BRK2122 IOT - From the cloud to the edge
 
Importance of Identity Management in Security - Microsoft Tech Tour @Towson
Importance of Identity Management in Security - Microsoft Tech Tour @TowsonImportance of Identity Management in Security - Microsoft Tech Tour @Towson
Importance of Identity Management in Security - Microsoft Tech Tour @Towson
 
Global Azure Bootcamp 2018 - Azure Security Center
Global Azure Bootcamp 2018 - Azure Security CenterGlobal Azure Bootcamp 2018 - Azure Security Center
Global Azure Bootcamp 2018 - Azure Security Center
 
366864108 azure-security
366864108 azure-security366864108 azure-security
366864108 azure-security
 
Daniel Grabski | Microsofts cybersecurity story
Daniel Grabski | Microsofts cybersecurity storyDaniel Grabski | Microsofts cybersecurity story
Daniel Grabski | Microsofts cybersecurity story
 
Best Practices in Cloud Security
Best Practices in Cloud SecurityBest Practices in Cloud Security
Best Practices in Cloud Security
 
Removing Security Roadblocks to IoT Deployment Success
Removing Security Roadblocks to IoT Deployment SuccessRemoving Security Roadblocks to IoT Deployment Success
Removing Security Roadblocks to IoT Deployment Success
 
Primend praktiline konverents - Office 365 turvalisus
Primend praktiline konverents - Office 365 turvalisusPrimend praktiline konverents - Office 365 turvalisus
Primend praktiline konverents - Office 365 turvalisus
 
BIG IRON, BIG RISK? SECURING THE MAINFRAME - #MFSummit2017
BIG IRON, BIG RISK? SECURING THE MAINFRAME - #MFSummit2017BIG IRON, BIG RISK? SECURING THE MAINFRAME - #MFSummit2017
BIG IRON, BIG RISK? SECURING THE MAINFRAME - #MFSummit2017
 
Contextual Security and Application Control for Virtualized Desktops
Contextual Security and Application Control for Virtualized DesktopsContextual Security and Application Control for Virtualized Desktops
Contextual Security and Application Control for Virtualized Desktops
 
microsoft-cybersecurity-reference-architectures (1).pptx
microsoft-cybersecurity-reference-architectures (1).pptxmicrosoft-cybersecurity-reference-architectures (1).pptx
microsoft-cybersecurity-reference-architectures (1).pptx
 
Io t security and azure sphere
Io t security and azure sphereIo t security and azure sphere
Io t security and azure sphere
 

Más de Lorenzo Barbieri

Microsoft Ignite Milan: Copilot Adoption In Italy
Microsoft Ignite Milan: Copilot Adoption In ItalyMicrosoft Ignite Milan: Copilot Adoption In Italy
Microsoft Ignite Milan: Copilot Adoption In ItalyLorenzo Barbieri
 
Can Santa Cloud survive the Generative AI revolution?
Can Santa Cloud survive the Generative AI revolution?Can Santa Cloud survive the Generative AI revolution?
Can Santa Cloud survive the Generative AI revolution?Lorenzo Barbieri
 
Build and Modernize Intelligent Apps​
Build and Modernize Intelligent Apps​Build and Modernize Intelligent Apps​
Build and Modernize Intelligent Apps​Lorenzo Barbieri
 
Develop any software from anywhere!
Develop any software from anywhere!Develop any software from anywhere!
Develop any software from anywhere!Lorenzo Barbieri
 
Personal Branding for Developers @ PyCon Italy 2023
Personal Branding for Developers @ PyCon Italy 2023Personal Branding for Developers @ PyCon Italy 2023
Personal Branding for Developers @ PyCon Italy 2023Lorenzo Barbieri
 
Codemotion DevCast: App Modernization in the Cloud
Codemotion DevCast: App Modernization in the CloudCodemotion DevCast: App Modernization in the Cloud
Codemotion DevCast: App Modernization in the CloudLorenzo Barbieri
 
How do you protect a hybrid PaaS-IaaS solution, built entirely in the cloud
How do you protect a hybrid PaaS-IaaS solution, built entirely in the cloudHow do you protect a hybrid PaaS-IaaS solution, built entirely in the cloud
How do you protect a hybrid PaaS-IaaS solution, built entirely in the cloudLorenzo Barbieri
 
Azure DevOps & GitHub... Better Together!
Azure DevOps & GitHub... Better Together!Azure DevOps & GitHub... Better Together!
Azure DevOps & GitHub... Better Together!Lorenzo Barbieri
 
Azure Academyadi: Introduction to GitHub and AzureDevOps
Azure Academyadi: Introduction to GitHub and AzureDevOpsAzure Academyadi: Introduction to GitHub and AzureDevOps
Azure Academyadi: Introduction to GitHub and AzureDevOpsLorenzo Barbieri
 
Practical Personal Branding for Developers
Practical Personal Branding for DevelopersPractical Personal Branding for Developers
Practical Personal Branding for DevelopersLorenzo Barbieri
 
Kubernetes for .NET Developers
Kubernetes for .NET DevelopersKubernetes for .NET Developers
Kubernetes for .NET DevelopersLorenzo Barbieri
 
Accessible Public Speaking
Accessible Public SpeakingAccessible Public Speaking
Accessible Public SpeakingLorenzo Barbieri
 
Kubernetes VS. App Service: When the orchestrator challenges the platform
Kubernetes VS. App Service: When the orchestrator challenges the platformKubernetes VS. App Service: When the orchestrator challenges the platform
Kubernetes VS. App Service: When the orchestrator challenges the platformLorenzo Barbieri
 
Public Speaking For Geeks: Work from Home Edition!
Public Speaking For Geeks: Work from Home Edition!Public Speaking For Geeks: Work from Home Edition!
Public Speaking For Geeks: Work from Home Edition!Lorenzo Barbieri
 
Public Speaking for Geeks @ MS Ignite The Tour Milan
Public Speaking for Geeks @ MS Ignite The Tour MilanPublic Speaking for Geeks @ MS Ignite The Tour Milan
Public Speaking for Geeks @ MS Ignite The Tour MilanLorenzo Barbieri
 

Más de Lorenzo Barbieri (20)

Microsoft Ignite Milan: Copilot Adoption In Italy
Microsoft Ignite Milan: Copilot Adoption In ItalyMicrosoft Ignite Milan: Copilot Adoption In Italy
Microsoft Ignite Milan: Copilot Adoption In Italy
 
Can Santa Cloud survive the Generative AI revolution?
Can Santa Cloud survive the Generative AI revolution?Can Santa Cloud survive the Generative AI revolution?
Can Santa Cloud survive the Generative AI revolution?
 
Build and Modernize Intelligent Apps​
Build and Modernize Intelligent Apps​Build and Modernize Intelligent Apps​
Build and Modernize Intelligent Apps​
 
Develop any software from anywhere!
Develop any software from anywhere!Develop any software from anywhere!
Develop any software from anywhere!
 
Personal Branding for Developers @ PyCon Italy 2023
Personal Branding for Developers @ PyCon Italy 2023Personal Branding for Developers @ PyCon Italy 2023
Personal Branding for Developers @ PyCon Italy 2023
 
Storytelling inclusivo
Storytelling inclusivoStorytelling inclusivo
Storytelling inclusivo
 
Effective Public Speaking
Effective Public SpeakingEffective Public Speaking
Effective Public Speaking
 
GitHub for partners
GitHub for partnersGitHub for partners
GitHub for partners
 
Codemotion DevCast: App Modernization in the Cloud
Codemotion DevCast: App Modernization in the CloudCodemotion DevCast: App Modernization in the Cloud
Codemotion DevCast: App Modernization in the Cloud
 
How do you protect a hybrid PaaS-IaaS solution, built entirely in the cloud
How do you protect a hybrid PaaS-IaaS solution, built entirely in the cloudHow do you protect a hybrid PaaS-IaaS solution, built entirely in the cloud
How do you protect a hybrid PaaS-IaaS solution, built entirely in the cloud
 
Azure DevOps & GitHub... Better Together!
Azure DevOps & GitHub... Better Together!Azure DevOps & GitHub... Better Together!
Azure DevOps & GitHub... Better Together!
 
Azure Academyadi: Introduction to GitHub and AzureDevOps
Azure Academyadi: Introduction to GitHub and AzureDevOpsAzure Academyadi: Introduction to GitHub and AzureDevOps
Azure Academyadi: Introduction to GitHub and AzureDevOps
 
Kubernetes vs App Service
Kubernetes vs App ServiceKubernetes vs App Service
Kubernetes vs App Service
 
Practical Personal Branding for Developers
Practical Personal Branding for DevelopersPractical Personal Branding for Developers
Practical Personal Branding for Developers
 
Prepare a Short Pitch
Prepare a Short PitchPrepare a Short Pitch
Prepare a Short Pitch
 
Kubernetes for .NET Developers
Kubernetes for .NET DevelopersKubernetes for .NET Developers
Kubernetes for .NET Developers
 
Accessible Public Speaking
Accessible Public SpeakingAccessible Public Speaking
Accessible Public Speaking
 
Kubernetes VS. App Service: When the orchestrator challenges the platform
Kubernetes VS. App Service: When the orchestrator challenges the platformKubernetes VS. App Service: When the orchestrator challenges the platform
Kubernetes VS. App Service: When the orchestrator challenges the platform
 
Public Speaking For Geeks: Work from Home Edition!
Public Speaking For Geeks: Work from Home Edition!Public Speaking For Geeks: Work from Home Edition!
Public Speaking For Geeks: Work from Home Edition!
 
Public Speaking for Geeks @ MS Ignite The Tour Milan
Public Speaking for Geeks @ MS Ignite The Tour MilanPublic Speaking for Geeks @ MS Ignite The Tour Milan
Public Speaking for Geeks @ MS Ignite The Tour Milan
 

Último

Computer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsComputer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsSeth Reyes
 
AI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just MinutesAI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just MinutesMd Hossain Ali
 
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UbiTrack UK
 
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPAAnypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPAshyamraj55
 
Videogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfVideogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfinfogdgmi
 
Machine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdfMachine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdfAijun Zhang
 
Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024D Cloud Solutions
 
Building Your Own AI Instance (TBLC AI )
Building Your Own AI Instance (TBLC AI )Building Your Own AI Instance (TBLC AI )
Building Your Own AI Instance (TBLC AI )Brian Pichman
 
UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6DianaGray10
 
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfJamie (Taka) Wang
 
Comparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioComparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioChristian Posta
 
Cybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxCybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxGDSC PJATK
 
Introduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptxIntroduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptxMatsuo Lab
 
OpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability AdventureOpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability AdventureEric D. Schabell
 
AI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity WebinarAI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity WebinarPrecisely
 
UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8DianaGray10
 
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationUsing IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationIES VE
 
Empowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership BlueprintEmpowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership BlueprintMahmoud Rabie
 

Último (20)

Computer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsComputer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and Hazards
 
AI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just MinutesAI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just Minutes
 
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
 
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPAAnypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
 
Videogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfVideogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdf
 
Machine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdfMachine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdf
 
Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024
 
Building Your Own AI Instance (TBLC AI )
Building Your Own AI Instance (TBLC AI )Building Your Own AI Instance (TBLC AI )
Building Your Own AI Instance (TBLC AI )
 
UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6
 
201610817 - edge part1
201610817 - edge part1201610817 - edge part1
201610817 - edge part1
 
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
 
Comparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioComparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and Istio
 
Cybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxCybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptx
 
Introduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptxIntroduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptx
 
OpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability AdventureOpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability Adventure
 
AI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity WebinarAI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity Webinar
 
UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8
 
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationUsing IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
 
20150722 - AGV
20150722 - AGV20150722 - AGV
20150722 - AGV
 
Empowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership BlueprintEmpowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership Blueprint
 

Azure Security Fundamentals

  • 2. Built-in Partner Controls Unique Intelligence Unique Intelligence Built in + Partner Controls
  • 3. Two-factor authentication with biometrics Employee & contractor vetting Metal detectors Video coverage rack front & back Inability to identify location of specific customer data Secure destruction bins Ongoing roaming patrols Video coverage Ongoing roaming patrols Front entrance gate 1 defined access point Video coverage Perimeter fencing Two-factor authentication with biometrics Video coverage No building signage 24x7x365 security operations Verified single person entry Ongoing roaming patrols Background check System check Access approval Perimeter Building Server environment Physical datacenter security
  • 4. Protect customer data Data, network segregation. DDoS protection at the edge. Platform segregation. Confidential computing. Secure hardware Custom-built hardware with integrated security and attestation Continuous testing War game exercises by Microsoft teams, vulnerability scanning & continuous monitoring CUSTOMER 2CUSTOMER 1 Secure foundation
  • 5. Protection at the edge • OneDDoS protects the edge with Cloud scale filtering and DDoS mitigation • Edge layer protections screen unwanted traffic • Encryption for data in transit • Global Load Balancing improves resilience IP and Isolation Controls • Traffic between regions encrypted by default • IP and protocol controls for endpoints • Traffic isolation via site to site VPN or Azure ExpressRoute Infrastructure security Azure Virtual Network Isolation Endpoint Restrictions OneDDoS
  • 6. No standing access to production servers and services. Just In Time Elevation required. Multi-factor authentication required for admin actions “Secure Workstations” required to access production Access requests are audited, logged and monitored Operational Security
  • 8. VIRTUAL MACHINES APPLICATIONS STORAGE & DATABASES Built-in Controls | Data protection Enable built-in encryption across resources Azure Storage Service Encryption Azure Disk Encryption SQL TDE/Always Encrypted Encrypt data while in use Azure confidential computing Use delegated access to storage objects Shared Access Signature enables more granular access control Use a key management system Keep keys in a hardware HSM/don’t store key in apps/GitHub Use one Key Vault per security boundary/per app/per region Monitor/audit key usage-pipe information into SIEM for analysis/threat detection Use Key Vault to enroll and automatically renew certificates
  • 9. Azure Security Center with advanced analytics for threat detection Virtual machines Applications Storage & databases Network Built-in Controls | Threat protection Mitigate potential vulnerabilities proactively Ensure up to date VMs with relevant security patches Enable host anti-malware Reduce surface area of attack Enable just in time access to management ports Configure Application Whitelisting to prevent malware execution Detect threats early and respond faster Use actionable alerts and incidents Interactive investigation tool and playbooks to orchestrate responses
  • 11. threats detected/monthBuilt-in Partner Controls Unique Intelligence Built-in Partner Controls

Notas del editor

  1. 1
  2. 5
  3. 6
  4. 8
  5. 9
  6. 10
  7. 12