In a previous blog, I discussed securing AWS management configurations
by combating six common threats with a focus on using both the Center for Internet Security (CIS) Amazon Web Services Foundations benchmark policy along with general security best practices.Now I’d like to do the same thing for Microsoft Azure. I had the privilege of being involved in the development of the CIS Microsoft Foundations Benchmark, which was published in early 2018. During that process, I learned a great deal about the security aspects of Azure. Many of the same cloud
security fundamentals we discussed previously also apply to other cloud
environments, so we’re going to use that best practice cloud security knowledge we learned in the last blog and apply it to Microsoft Azure.1. Identity Management with Azure Active DirectoryLike before, it’s crucial that multi-factor authentication is being used wherever possible in order to combat attacks from phishing
and lost or compromised credentials. At a minimum, any Azure Active Directory user with an administrative role or the ability to create and alter resources should have multi-factor authentication enabled. Enable password policy settings to ensure complex passwords
.It’s easy to lose track of which permissions exist within custom roles. Audit any custom role definitions to ensure that none contain unnecessary administrative permissions that could be instead assigned via default roles.Ensure that no unneeded guest users are created in the Az ..