This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(272, 72%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EW%3C/text%3E%3C/svg%3E)
Hi,
I have a plain subscription/tenant which is not yet used as provisioning of resources and accounts will be done in next few months. till the time, i would like to secure my subscription/tenant with recommended security measures to prevent any unauthorized access/attack
what should be the list of tasks/steps to enhance security of my subscription/tenant as part of best practice recommended by Microsoft, any suggestion/information/help is appreciated!
thanks!
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(214.4, 81%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMT%3C/text%3E%3C/svg%3E)
Hi @WinTechi-3187,
There are some best practices listed in the documentation for Role-Based Access Control.
Limit the number of subscription owners
You should have a maximum of 3 subscription owners to reduce the potential for breach by a compromised owner. This recommendation can be monitored in Azure Security Center. For other identity and access recommendations in Security Center, see Security recommendations - a reference guide.
This diagram shows a suggested pattern for using Azure RBAC:
It is also recommended to apply security policies to all Azure subscriptions linked to your Azure Active Directory tenant, and to organize your subscriptions into management groups.
You can use Security Center for security monitoring and policy management across your Azure subscriptions.
I would recommend reviewing the Introduction to Azure Security article for detailed information about how to best secure your subscriptions and subscription resources.
Let me know if this helps and if there is anything more specific you are looking for!
-
If this answer helps resolve your question, please remember to "mark as answer" so that others in the community with similar questions can more easily find a solution.