It’s a common misconception that once servers are in the cloud, the cloud provider is responsible for the security on those systems. Microsoft or Amazon or Google or whoever will not necessarily keep an eye on your servers and security with your subscription.
The first thing that we will need to remember: it is still your server, because you put it in the cloud does not men that you can forget about the security of it, at least you have to maintain them at patch or code level…
But working in Azure, we have tools that could help us to make a little easy those kind of tasks that we need to implement day by day.
Azure Security Center
Is a tool to address the security needs un Azure, it can be considered as a part of the infrastructure in order to mantain security automation and recommendations based in our machines. Probably it will need some time to gather all the data for reporting, but I can assure that once it has gathered the data you will have a lot of work to implement the recommendations.
Being a compliment to Azure Security Center, we have the security policies, which will help you to check every resource for compliance. It assess you in terms like permissions, monitoring, endpoint protection and other security policies. Also is it possible to set up email notifications.
Just In Time (JIT) VM Access
The JIT VM Access is a tool to harden your VM access, With JIT, advanced firewall rules you can lock your VM down to a specified IP address or IP ranges and can limit the access timeframe. JIT also gives you better auditing and logging for those internet-enabled VMs.
Azure Security Center Detection Capabilities
The Azure Security Center’s detection capabilities include: threat intelligence (knowledge base), behavioral analytics, anomaly detection, and Fusion, which combines events and alerts to map the attack timeline.
As you can see, there are several options to implement inside Azure, so, next time don’t forget to implement them inside your subscription!