Thanks for contacting Microsoft Q&A platform.
Please follow below article provided by Microsoft for best security practices.
The best practices are based on a consensus of opinion, and they work with current Azure platform capabilities and feature sets. Because opinions and technologies can change over time, this article will be updated to reflect those changes.
https://learn.microsoft.com/en-us/azure/security/fundamentals/iaas?source=recommendations
Hope this helps you.