Posts

Showing posts from August, 2020

Azure Sentinel: Enterprise Governance (Part 3 of 3)

To read part 1 of 3, please click here. To read part 2 of 3, please click here. Resource Locks: There is always a need to lock a subscription, resource group or resource to prevent other users in your organization from accidentally deleting or modifying critical resources. The lock level can be easily set to CanNotDelete or ReadOnly. In the portal, the locks are called Delete and Read-only respectively. CanNotDelete means authorized users can still read and modify a resource, but they can't delete the resource. ReadOnly means authorized users can read a resource, but they can't delete or update the resource. This lock restricts all authorized users to the permissions granted by the Reader role. Not every Azure user should have permission to create or remove locks. Doing so requires access to RBAC permissions such as the Microsoft.Authorization/, Microsoft.Authorization/locks/ actions. However, these actions can be added to custom roles as and when required. Azure Blueprint: Azure Bluep

Azure Sentinel: Enterprise Governance (Part 2 of 3)

To read part 1 of 3, please click here. To read part 3 of 3, please click here. Azure Policies: Azure Policy is a service you use to create, assign, and manage policies. Azure policies enforce different rules and effects over your resources so that those resources stay compliant with your corporate standards and service level agreements. Three main pillars support the functionality of Azure Policy. The first pillar is about real-time enforcement and compliance assessment. For example, a policy would block the creation of resources that are located outside of US regions. The data powers the compliance view, which aggregates results across all of the applied policies and in turn can be used to ensure that resource groups are getting tagged properly and automatically inheriting those tags from the resource group down to the resources. The second pillar of policy is applying policies at scale by leveraging Management Groups. One can easily impact hundreds of subscriptions

Azure Sentinel: Enterprise Governance (Part 1 of 3)

To read part 2 of 3, please click here. To read part 3 of 3, please click here. The Shared Responsibility Model: As computing environments move from customer-controlled datacenters to the cloud, the responsibility for security also shifts, and by shifting these responsibilities to a cloud service like Azure, organizations can reduce focus on activities that aren't core business competencies. In cloud security, different scopes of responsibility exist depending upon the kinds of services you use. For example, if you use virtual machines in Azure, Microsoft will be responsible for securing the physical networks, storage, and virtualization platform, which includes updating the virtualization hosts. However, you will need to help secure your virtual network and public endpoints while updating the guest operating system of your VMs. Whatever the deployment type may be, you always retain responsibility for data, endpoints, accounts, and access management. Azure Cloud Security Advantages

Azure AD Identity protection: Help Guard Your Identity

Azure AD Identity Protection: Identity Protection allows organizations to automate the detection and remediation of identity-based risks, investigate risks using data in the portal, and export risk detection data to third-party utilities for further analysis. Risk detection in Azure AD Identity Protection includes identifying any suspicious actions in the directory. The signals generated can also be fed into tools like Conditional Access to make access decisions, or back to the Security Information and Event Management (SIEM) tool for further investigation on the basis of your organization's enforced policies. Identity Protection gives your organization easy access to powerful resources so that it can instantly respond to suspicious activities. Identity Protection Policies: Azure Active Directory Identity Protection includes three default policies that you can choose to enable: Azure MFA registration policy: By enabling this policy you can ensure the MFA registratio

Azure Sentinel: Manage Identity & Access (Part 2)

To read part 1, please click here. Azure Active Directory Domain Service: Azure AD DS provides managed domain services such as domain join, group policy, lightweight directory access protocol (LDAP), and Kerberos/NTLM authentication that is fully compatible with Windows Server Active Directory. It duplicates identity information from Azure AD, so it can work with Azure AD tenants that are cloud-only, or synchronized with an on-premises AD DS environment. These exist for both environments. If you have an on-premises AD DS environment, you can synchronize user account information to provide a consistent identity for users. For a cloud-only environment, the traditional on-premises AD DS is not needed to use the centralized identity services of Azure AD DS. Azure AD DS Features & Benefits: Azure AD DS is fully compatible with a traditional AD DS environment for various operations. LDAP write support is available only for objects created in the Azure AD DS managed domain, not for the

Azure Sentinel: Manage Identity & Access (Part 1)

To read part 2, please click here. Azure Active Directory or Azure AD: Azure AD is Microsoft's multi-talented cloud-based directory and identity management service. Azure AD allows IT admins to give employees, clients, or business partners easy-to-use and affordable single sign-on (SSO) access to various cloud applications like Office 365, Salesforce, Dropbox, Concur, etc. It also allows application developers to focus mainly on building their applications by making it fast and simple to integrate with a world-class identity management solution used by millions of organizations worldwide. Identity management capabilities & integration: Azure AD also has identity management capabilities like multi-factor authentication, device registration, self-service password as well as group management, privileged account management, role-based access control, application usage monitoring, rich auditing and security monitoring and alerting. These capabilities can e

Azure Sentinel- Securing The Future

As per the "Cybersecurity Jobs Report 2018-21" by Cybersecurity Ventures, there will be a shortfall of 3.5M security professionals by the end of 2021, which will create more challenges for security teams. Azure Sentinel has been designed to counter these problems and subdue security threats from your database. Microsoft Azure Sentinel, a scalable, cloud-native Security Information Event Management (SIEM) and Security Orchestration Automated Response (SOAR) solution, is a one-stop solution for all your security threats, threat visibility, proactive hunting, and threat response. It delivers intelligent security analytics and threat intelligence across the enterprise with the help of Artificial Intelligence while offering affordable security services without any hidden prices. Microsoft Azure Sentinel: Microsoft Azure Sentinel combines with the Microsoft 365 solution and brings together various signals from products like Azure Identity Protection, Microsoft Cloud App Security,

Azure Sentinel- Powerful Security System

Security can be challenging with never-ending sophisticated attacks, an excessive volume of social threats, and whatnot; and the Cybersecurity Jobs Report 2018-21 by Cybersecurity Ventures, stating the expected shortfall of about 3.5M security professionals by 2021, further adds to the problems for security operations teams. But Azure Sentinel can be helpful to counter these issues. Microsoft Azure Sentinel is a flexible, cloud-native Security Information Event Management (SIEM) and Security Orchestration Automated Response (SOAR) solution providing a one-stop solution for security threats, threat visibility, proactive hunting, and threat response. It uses the power of Artificial Intelligence to recognize security threats and subdue them further. With Azure Sentinel, you can enjoy affordable security services without any hidden prices. Microsoft Azure Sentinel: Microsoft Azure Sentinel combines the power of the cloud and Artificial Intelligence to help identify the security thre