Many businesses already know the more common reasons for migrating their data to the cloud: reduction in cost, reduction in physical footprint, scalability, and increased flexibility to just name a few. On the other hand, many also have the same primary concern holding them back from migrating to the cloud: security. But we believe it is time to reevaluate that stance.
Security has always been of utmost concern for any company considering a cloud migration. In the beginning, the deficiencies with cloud security were enough to prevent a migration to the cloud. But security in the cloud has improved so much, that it is now a catalyst – rather than a roadblock – for cloud migration. Today’s robust security offerings within Microsoft Azure are a major part of that change in mindset and perception. Let’s explore just a few of those vital security features within the Azure platform.
- Identity and Access Management – Azure offers multiple services to manage identity and access: Multi-Factor Authentication, Microsoft Authenticator, password policy enforcement, token-based authentication, Role-based access control (RBAC), and hybrid identity. Being able to control which users have access, and the level of access granted, as well as securing users’ authentication traffic is paramount to any modern security deployment.
- Storage Service Encryption (SSE) – Storage Service Encryption is enabled for all new and existing storage accounts and cannot be disabled. Azure SSE for Data at Rest helps you protect your data to meet your organizational security and compliance commitments. With this feature, Azure Storage automatically encrypts your data before persisting it to Azure Storage and decrypts the data before retrieval. The handling of encryption, encryption at rest, decryption, and key management in Storage Service Encryption is transparent to users. All data written to Azure Storage is encrypted through 256-bit AES encryption, one of the strongest block ciphers available.
- Web Application Firewall (WAF) – Web Application Firewall helps protect web applications from common web-based attacks like SQL injection, cross-site scripting attacks, and session hijacking. It comes preconfigured with protection from threats identified by the Open Web Application Security Project (OWASP) as the top 10 common vulnerabilities.
- Compliance – The TrustCenter site provides legal and compliance teams with a comprehensive repository of resources designed to help them understand and verify the compliance requirements of their organization’s cloud deployments. Whether in the midst of an audit, or just trying to stay HIPAA compliant (or CJIS, or IRS 1075, or ISO 27001, etc.), you will be in great hands. Microsoft has more certifications than any other cloud provider. TrustCenter can make staying and remaining compliant much easier for you.
- Security Center – Security Center is the main hub for security within Azure. It helps you prevent, detect, and respond to threats with increased visibility into and control over the security of your Azure resources. It provides integrated security monitoring and policy management.
- In addition, Azure Security Center helps with security operations by providing you a single dashboard that surfaces alerts and recommendations that can be acted upon immediately. Often, you can remediate issues with a single click within the Azure Security Center console.
- Just in Time VM Access – Reduce the network attack surface with just in time, controlled access to management ports on Azure VMs, drastically reducing exposure to brute force and other network attacks.
- Specify rules for how users can connect to virtual machines. When needed, access can be requested from Security Center or via PowerShell. If the request complies with the rules, access is automatically granted for the requested time.
- Azure Advisor – Azure Advisor is a personalized cloud consultant that helps you to optimize your Azure deployments. It analyzes your resource configuration and usage telemetry. It then recommends solutions to help improve the performance, security, and high availability of your resources while looking for opportunities to reduce your overall Azure spend. Azure Advisor provides security recommendations, which can significantly improve your overall security posture for solutions you deploy in Azure. These recommendations are drawn from security analysis performed by Azure Security Center.
So, with all of these – and so many more – robust security features offered in the Azure cloud environment, is cloud security still a hindrance to migrating to the cloud in your view? Or is it a catalyst? This week, news hit that the City of Atlanta has been crippled due to a ransomware attack (read about it here: https://blog.knowbe4.com/city-of-atlanta-it-systems-shut-down-by-samsam-ransomware). But not all has been crippled. “Not all IT infrastructure were affected because the city was in the process of moving some systems to cloud services, and those were not affected.” Do you think the City of Atlanta now views cloud security as a catalyst to cloud migration?
Of course, you will still need to decide if migrating to the cloud is right for you. Maybe a full migration is not the right answer. Maybe a hybrid solution fits your needs more appropriately. On the other hand maybe a full migration to Microsoft Azure is exactly what your business needs to take your data management to the next level. Whatever the case may be for you, let eGroup have a discussion with you about securing your data in Microsoft Azure better than maybe you previously thought possible.