Best Practices for Securing services in the Azure ecosystem: Tools for Access Logging and Monitoring?

Cristopher Aguilera 91 Reputation points
2024-06-14T08:40:26.91+00:00

Good morning,

Our organization utilises Azure for hosting web services, SQL Server instances, and SQL Server on virtual machines to re-design our current data warehouse structure. Ensuring robust data security protection across these environments is critical for us. Could you please share best practices or recommendations on how to ensure our web services, SQL instances, and virtual machines are well protected within Azure's ecosystem?

Additionally, we are interested in understanding if Azure offers specific tools or features that facilitate:

1. The extraction of logs detailing access to our services and SQL instances, including information such as who accessed them, originating IP addresses, and countries of access.

2. Mechanisms to notify us when suspicious activity, such as unauthorized access attempts or unusual usage patterns, is detected.

Are there built-in tools or recommended methods within Azure that can help us achieve these objectives for visibility, monitoring, and proactive security measures?

Any insights or experiences you can share regarding Azure's native capabilities or third-party integrations would be greatly appreciated.

Thanks,

Cristopher

Azure SQL Database
Microsoft Security | Intune | Security
Azure App Service
Windows for business | Windows Server | Devices and deployment | Configure application groups

Accepted answer
  1. Pieter de Bruin 321 Reputation points Microsoft Employee
    2024-06-14T11:13:56.8166667+00:00

    Hi Cristopher,

    This is a bit of a challenge, since you are asking to design your cloud transformation in a forum response :-) I can give you some pointers, like https://learn.microsoft.com/en-us/azure/architecture/guide/security/security-start-here. This could also be a good time to hire experienced Azure architects who know about Azure landing zones: https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/landing-zone/

    To start, you should investigate Entra, previously Azure Active Directory, for identity and access management. Entra ID Protection can report on a number of risks that you mentioned, even before accessing Azure services: https://learn.microsoft.com/en-us/entra/id-protection/concept-identity-protection-risks

    Next, you should investigate monitoring services like Azure Monitor and Sentinel.

    And then, when you start to deploy Azure services like app services, SQL databases, and virtual machines, you should leverage their respective security features, including identity and networking.

    Hope that helps,

    Pieter

    1 person found this answer helpful.
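
As an added illustration of the two requirements raised in this thread (not part of the original posts and not Microsoft's code), the Python example below builds a who/IP/country access report and raises alerts for repeated failed sign-ins and for a first successful sign-in from a new country. It assumes sign-in records exported as JSON with Microsoft Graph `signIn` field names; the sample data, the helper names `rec`, `access_report` and `find_alerts`, and the failure threshold are assumptions made for the example.

```python
from collections import defaultdict

def rec(ts, user, ip, country, code):
    """Build a record with Microsoft Graph signIn field names (errorCode 0 = success)."""
    return {"createdDateTime": ts, "userPrincipalName": user, "ipAddress": ip,
            "location": {"countryOrRegion": country}, "status": {"errorCode": code}}

# Constructed sample data, not real logs (documentation IP ranges, example.com users).
# 50126 is the Entra error code for an invalid username or password.
SAMPLE_SIGNINS = [
    rec("2024-06-10T08:00:00Z", "ana@example.com", "203.0.113.10", "ES", 0),
    rec("2024-06-11T08:00:00Z", "ana@example.com", "203.0.113.10", "ES", 0),
    rec("2024-06-11T09:00:01Z", "bob@example.com", "192.0.2.55", "NL", 50126),
    rec("2024-06-11T09:00:02Z", "bob@example.com", "192.0.2.55", "NL", 50126),
    rec("2024-06-11T09:00:03Z", "bob@example.com", "192.0.2.55", "NL", 50126),
    rec("2024-06-11T09:05:00Z", "bob@example.com", "192.0.2.55", "NL", 0),
    rec("2024-06-12T03:00:00Z", "ana@example.com", "198.51.100.7", "BR", 0),
]

def access_report(signins):
    """Per user: source IPs, countries of access, and number of failed attempts."""
    report = defaultdict(lambda: {"ips": set(), "countries": set(), "failures": 0})
    for s in signins:
        entry = report[s["userPrincipalName"]]
        entry["ips"].add(s["ipAddress"])
        entry["countries"].add(s["location"]["countryOrRegion"])
        if s["status"]["errorCode"] != 0:
            entry["failures"] += 1
    return dict(report)

def find_alerts(signins, max_failures=3):
    """Flag failed-sign-in bursts per (user, IP) and successes from a new country."""
    alerts, seen_countries, failures = [], defaultdict(set), defaultdict(int)
    # ISO 8601 UTC timestamps in one format sort correctly as plain strings.
    for s in sorted(signins, key=lambda r: r["createdDateTime"]):
        user, ip = s["userPrincipalName"], s["ipAddress"]
        country = s["location"]["countryOrRegion"]
        if s["status"]["errorCode"] != 0:
            failures[(user, ip)] += 1
            if failures[(user, ip)] == max_failures:  # alert once per burst
                alerts.append(("failed-signin-burst", user, ip))
            continue
        # Only successful sign-ins establish or extend a user's known countries.
        if seen_countries[user] and country not in seen_countries[user]:
            alerts.append(("new-country", user, country))
        seen_countries[user].add(country)
    return alerts
```
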
