Rediģēt

Kopīgot, izmantojot


Secure Azure high-performance computing (HPC) in Azure

Best practice encourages customers to create a single centralized cloud adoption strategy, using the Cloud Adoption Framework's Security methodology

Security principles

The focus of HPC is based on key management principles:

Principle Description
Single authoritative source of identity Use consistency and a single authoritative source to increase clarity, and reduce the risk from human error and configuration and automation complexity.
Automated approach to data security Use automation to enable auditing, implement multiple control points, and reduce human errors. Automation also makes data governance easier and limits overhead.
Grant least privilege required to complete task Grant only the amount of access to users that they need to do their jobs and limit the allowed actions for a particular scope.
Simplified yet secure permissions Avoid customization. Customization leads to complexity, which inhibits human understanding, security, automation, and governance. For example, use built-in roles to assign permissions to data services and avoid permissions that specifically reference individual resources or users.
Better clarity and enforceability of rules and definitions Clearly separate data to help keep the environment organized, while making it easy to enforce security rules and definitions.

It is also recommended to follow the security baseline recommendations for the following HPC services:

  • Azure HPC Cache: Ensure that network security, identity management, privileged access, data protection, asset management, logging/threat detection, posture/vulnerability management, and backup/recovery is in place.
  • Azure CycleCloud: Have your HPC administrator setup SSL, configure networking and secret management, and create a secure locked-down environment.
  • Azure Batch: Use the latest Azure Security Benchmarks available to implement recommendations on securing your Batch nodes based on the appropriate compliance standard.

Next steps

  • After creating your HPC cloud adoption security strategy, look into organizing team members to align the teams and roles supporting your organization's cloud adoption efforts.
  • For additional security information, refer to best practices defined in the Azure HPC Well-architected framework.