Azure Security Services
Adoption of cloud services continues to grow at a rapid rate as organisations migrate workloads to achieve scale and agility, whilst driving costs down. With the implementation of cloud services, organisations enter a shared responsibility model with their cloud service provider for their cloud security.
CWSI Azure Security Review
CWSI have created an evaluation service that will provide comprehensive insights into your existing Azure presence and the potential risks linked to it. We will gauge your organisation against industry standards to construct a clear roadmap towards the utmost secure environment.
The Azure Security Review is a comprehensive review of your organisations Azure environment. CWSI’s Microsoft Certified Engineers will review the environment checking over 200 configurations before producing a comprehensive report scoring your environment in each area against industry best practices. We will provide you with a view and recommendations on:
- The risks you are currently exposed to.
- Future potential risk exposure.
- Areas of recommendations for remediation.
In the most recent Digital Defence Report, Microsoft shared some insights into customers who had been compromised.
The three main contributing factors were:
Weak identity controls:
Credential theft attacks remains one of the top contributing factors. 88% of impacted customers did not employ AD and Azure AD security best practices. This has become a common attack vector as attackers exploit misconfigurations and weaker security postures in critical identity systems to gain broader access and impact to businesses.
Ineffective security operations:
These processes do not just present a window of opportunity for attackers, but significantly impact the time to recover. 93% of Microsoft investigations during ransomware recovery engagements revealed insufficient privilege access and lateral movement controls.
Eventually it boils down to data:
Organisations struggle to implement an effective data protection strategy which aligns with their business
needs. None of the impacted organisations implemented proper administrative credential segregation and least privilege access principles via dedicated workstations during the management of their critical identity and high value assets, such as proprietary systems and business-critical applications.
Why have a Security Review?
Operationally, the cloud service provider takes on responsibility for physical security, hardware resilience and in the case of SaaS and PaaS services, they will also secure the operating system and application. However, this does not absolve the cloud customer from the ownership of their security. Depending on what services in the cloud the customer is using, security configuration and management remain in the remit of the customer for example, ultimately, every cloud customer must have confidence in their own security architecture, configuration and security operations.
As cloud providers compete to offer more services and get more “sticky” with their customers, cloud services continue to evolve and add functionality. As these new functions and features are made available, this can lead to the security posture of the cloud customer needing to be reviewed. Any cloud customer who doesn’t do a periodic analysis of their cloud footprint is opening themselves up to the risk of a devastating attack.
What is Covered with a Review?
As part of the security review, we cover the following aspects:
- Identity & Access Control
- Defender for Cloud
- Network Security
- Data Security, Encryption & Storage
- Operational Security
Do I Need a Full Security Review?
CWSI provide an Azure Security Assessment as an alternative to a full review. This is a cutdown version of the review and covers the 70 most significant configuration elements, providing a high-level report of where remediation focus should be.