Category: Dynamics 365 ERP - Development
Published date: Mar 15, 2024
Article Type: Text

AI Summary
- The purpose of Azure security best practices is to ensure that Azure cloud environments are adequately protected against security threats and vulnerabilities.
- Following these best practices helps organizations implement robust security measures to safeguard their data, applications, and infrastructure hosted on the Azure platform.
- Data can be protected with Transparent Data Encryption (TDE) for Azure SQL databases, Azure Synapse Analytics, and PostgreSQL. Encryption keys can be managed by Azure or supplied by the customer.
- Restricting access to the database includes enabling the firewall and specifying IP addresses that are allowed to access the database. For production databases, wrapping the database in a virtual network and setting up a private endpoint link is recommended.
- To restrict access to VMs, it is advisable to close RDP/SSH ports and deploy VMs in a virtual network with a bastion. This eliminates the need for a public IP address and enhances security.
- Application secrets should be stored in Key Vaults, which can be securely connected to services using Azure managed service identity, eliminating the need for API keys or connection strings.
- It is recommended to use a separate Azure subscription for production and define different policies for resources in different subscriptions. Role-based access control (RBAC) can be used to restrict user access.
- Implementing a Web Application Firewall (WAF), such as Azure Front Door or Application Gateway, can help protect web applications from constant attacks by filtering traffic and detecting and blocking threats.
- Azure Security Center can be used to detect the security state of each service, provide guidance on improving security, and allow for periodic security checks and alerts. It enables the implementation of security measures directly from the center.