When it comes to Azure Security best practices, where do you begin? In a lot of ways, Azure is very similar to any other data center. But with that said, Azure can also be very different. Securing Azure can pose many unique challenges. The security of resources hosted in Azure is of the utmost importance, though it is sometimes overlooked by companies new to Azure.
During the early stages of a company’s journey toward cloud adoption, it is often assumed that Microsoft secures the resources it hosts. While Azure helps with securing your business assets, a great deal of responsibility is shared and requires customers to do their part to secure their Azure cloud.
In this article, I’ll discuss my top nine Azure Security best practices. If you’re looking to dig deep into Azure Security, you might want to jump into Cloud Academy’s AZ-500 Exam Preparation: Microsoft Azure Security Technologies Learning Path. Even if you aren’t interested in becoming an Azure Security Certified Professional, these courses and hands-on labs will help you get started on your way to deploying and managing Microsoft Azure security technologies.
Now let’s dive right into my Azure Security best practices.
1. Understand the shared responsibility model
While I could go into a great amount of detail about the Azure shared responsibility model, I will briefly summarize the core principles. It is critical for cloud security professionals to have a firm understanding of the division of responsibilities shared between the Azure consumer (you) and Microsoft. The division of responsibility varies for each Azure service, but at a high level, you are responsible for your data and managing access to that data. Depending on what service you are consuming, you may have additional responsibilities as depicted below.
Source: MSDN Blog
If you would like to learn more about the shared responsibility for