The 11-point checklist for SMB Microsoft Azure Cloud users

Similar documents
SECURITY & PRIVACY DOCUMENTATION

WITH ACTIVEWATCH EXPERT BACKED, DETECTION AND THREAT RESPONSE BENEFITS HOW THREAT MANAGER WORKS SOLUTION OVERVIEW:

Mitigating Risks with Cloud Computing Dan Reis

ModernBiz Day. Safeguard Your Business. Sonia Blouin APAC Cloud Lead Microsoft Asia Pacific

SQL Compliance Whitepaper HOW COMPLIANCE IMPACTS BACKUP STRATEGY

locuz.com SOC Services

Windows Server The operating system

Checklist: Credit Union Information Security and Privacy Policies

Automating the Top 20 CIS Critical Security Controls

Managing and Auditing Organizational Migration to the Cloud TELASA SECURITY

AWS continually manages risk and undergoes recurring assessments to ensure compliance with industry standards.

ALERT LOGIC LOG MANAGER & LOG REVIEW

Best Practices in Securing a Multicloud World

Virtual Machine Encryption Security & Compliance in the Cloud

01.0 Policy Responsibilities and Oversight

AUTOTASK ENDPOINT BACKUP (AEB) SECURITY ARCHITECTURE GUIDE

Next Generation Privilege Identity Management

Cloud Security Myths Paul Mazzucco, Chief Security Officer

GDPR: Get Prepared! A Checklist for Implementing a Security and Event Management Tool. Contact. Ashley House, Ashley Road London N17 9LZ

Everything visible. Everything secure.

The Common Controls Framework BY ADOBE

10 Hidden IT Risks That Might Threaten Your Business

Microsoft Security Management

Disaster Recovery and Mitigation: Is your business prepared when disaster hits?

Security Audit What Why

Office 365 Buyers Guide: Best Practices for Securing Office 365

DHIS2 Hosting Proposal

Why the cloud matters?

Verasys Enterprise Security and IT Guide

PROTECT AND AUDIT SENSITIVE DATA

Windows Server 2012/R2 Overview

Information Technology Security Plan Policies, Controls, and Procedures Identify Governance ID.GV

Course AZ-100T01-A: Manage Subscriptions and Resources

For Australia January 2018

Layer Security White Paper

1 Copyright 2011, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 7

A Guide to Ensuring Security and Resiliency

Security. ITM Platform

McAfee Database Security

Microsoft Azure Course Content

Solution Pack. Managed Services Virtual Private Cloud Security Features Selections and Prerequisites

University of Pittsburgh Security Assessment Questionnaire (v1.7)

Exam : Implementing Microsoft Azure Infrastructure Solutions

Getting ready for GDPR

AWS SECURITY AND COMPLIANCE QUICK REFERENCE GUIDE

Managing SaaS risks for cloud customers

NS2 Cloud Overview The Cloud Built for Federal Security and Export Controlled Environments. Hunter Downey, Cloud Solution Director

COMPTIA CLO-001 EXAM QUESTIONS & ANSWERS

For USA & Europe January 2018

SYMANTEC DATA CENTER SECURITY

Data Security and Privacy Principles IBM Cloud Services

Cybersecurity What Companies are Doing & How to Evaluate. Miguel Romero - NAIC David Gunkel & Dan Ford Rook Security

Isaca EXAM - CISM. Certified Information Security Manager. Buy Full Product.

2016 BITGLASS, INC. mobile. solution brief

Ten things hyperconvergence can do for you

Securing Digital Transformation

Virtual Server Service

Data Protection. Plugging the gap. Gary Comiskey 26 February 2010

2017 SaaS Security Study ABSTRACT

Maintain Data Control and Work Productivity

HIPAA Compliance Checklist

A Practical Guide to Efficient Security Response

ISO/IEC Solution Brief ISO/IEC EventTracker 8815 Centre Park Drive, Columbia MD 21045

Qualys Cloud Platform

Next-Gen CASB. Patrick Koh Bitglass

Migration and Building of Data Centers in IBM SoftLayer

The professional IT management platform

Architecting Microsoft Azure Solutions (proposed exam 535)

What can the OnBase Cloud do for you? lbmctech.com

Admin Plus Pack Option. ExecView Web Console. Backup Exec Admin Console

DELL EMC VDI Complete Solutions: Accelerate your IT Transformation

Ensuring Desktop Central Compliance to Payment Card Industry (PCI) Data Security Standard

NMHC HIPAA Security Training Version

TB+ 1.5 Billion+ The OnBase Cloud by Hyland 600,000,000+ content stored. pages stored

Agenda GDPR Overview & Requirements IBM Secure Virtualization Solution Overview Summary / Call to Action Q & A 2

Qualys Cloud Platform

RSA Solution Brief. The RSA Solution for VMware. Key Manager RSA. RSA Solution Brief

Table of Contents Table of Contents...2 Introduction...3 Mission of IT...3 Primary Service Delivery Objectives...3 Availability of Systems...

Network Security Protection Alternatives for the Cloud

SECURE CLOUD BACKUP AND RECOVERY

Identity-Based Cyber Defense. March 2017

Hosted Azure for your business. Build virtual servers, deploy with flexibility, and reduce your hardware costs with a managed cloud solution.

G DATA Whitepaper. The new EU General Data Protection Regulation - What businesses need to know

Incident Response Lessons From the Front Lines. Session 276, March 8, 2018 Nolan Garrett, CISO, Children s Hospital Los Angeles

ENDNOTE SECURITY OVERVIEW INCLUDING ENDNOTE DESKTOP AND ONLINE

Comodo Certificate Manager. Centrally Managing Enterprise Security, Trust & Compliance

Feature Comparison Summary

IT your way - Hybrid IT FAQs

Surprisingly Successful: What Really Works in Cyber Defense. John Pescatore, SANS

Data Privacy and Protection GDPR Compliance for Databases

PCI DSS Compliance. White Paper Parallels Remote Application Server

Unlocking the Power of the Cloud

CAMPUSPRESS TECHNICAL & SECURITY GUIDE

A company built on security

Projectplace: A Secure Project Collaboration Solution

Data Security: Public Contracts and the Cloud

Provisioning IT at the Speed of Need with Microsoft Azure. Presented by Mark Gordon and Larry Kuhn Hashtag: #HAND5

MEETING ISO STANDARDS

The Etihad Journey to a Secure Cloud

Windows Azure Services - At Different Levels

Transcription:

The 11-point checklist for SMB Microsoft Azure Cloud users

ONTENTS Back-up and Recovery Encryptions Auto-Scaling Syncing data Security and Compliance Cloud Inventory & Cost Tracking Scheduling Policies Enforcements Violations Tracking Monitoring & Remediation Log Management

The 11-point checklist for SMB Microsoft Azure Cloud users One of the major digital strategy that SMBs are adopting in 2017 is engaging cloud technologies to power their businesses. According to Forbes, 78% of U.S. small businesses will have fully adopted cloud computing by 2020, more than doubling the 37% trend of 2015. 80% 78% SMB Cloud Adoption in US 60% 2015 2020 40% 37% 20% Microsoft Azure, one of the major players in the cloud market is fast transforming into the preferred cloud service provider for SMBs across the globe. Further cementing the fact that Azure adoption is on the rise is its massive growth rate in the last year - a whopping 93%. From large multi-nationals to small and medium businesses, to non-profits all over the world, organizations are using Microsoft s cloud platforms to power their digital transformation. While SMBs have a lot to gain, given the scalable and on-demand nature of cloud, the issues of adequate monitoring and maintenance persist. There are a lot of questions regarding costs optimization, scheduled backup, effortless log management and many other concepts that arise while working on cloud. That s why we are providing you a 11-point checklist to ensure that your cloud operations run without a hitch, around-the-clock.

01 BACK-UP AND RECOVERY Data security in cloud is one of your top concerns, as your data and applications are present across servers and clients alike. You can protect your critical assets by enabling cloud backup and recovery features. With Microsoft Azure, you can backup: Instances, Volumes, and Databases to a blob storage.once the backup is in place, you can restore it when necessary, say in case of an emergency. You can restore instance, volumes and databases to a specific date. Also, you can backup and restore a MySQL cluster set-up for example. 02 ENCRYPTIONS Data security is important not only from a business continuity angle, but also for compliance measures. While storing sensitive data, businesses must adhere to various rules and regulations that necessitate the need for data encryption. Encryptions measures that SMBs should adopt are: Provisioning an encrypted Volume Back-up DB with encryption enabled There needs to be a policy on whether the data will be encrypted before upload to cloud or on upload. A well-planned key management strategy is to be in place for sound encryption. 03 AUTO-SCALING Scalability is a key feature that attracts SMBs to clouds. The ability to increase or decrease resources to effectively balance loads is a major benefit that cloud provides. Azure s load balancing capabilities automatically scale with increasing application traffic. Your applications provide a better customer experience, without any manual intervention.to effectively balance loads, you need to provision a multi-tier application. This may consist of a Load Balancer, 2 Applications, and a Database Server. USER LOAD BALANCER APP APP DATA SERVER

04 SYNCING DATA Cloud technology enables bi-directional synchronization of data. However, there is the challenge of privacy and security issues as it might lead to data breaches in certain cases. Also tenable is the problem of versioning. Lack of backup in such circumstances can cause you to lose important information pertaining to the business. Having monitoring and troubleshooting processes in place can help you keep a check on possible issues in data synchronization in the cloud setup. 05 SECURITY AND COMPLIANCE Security in cloud is a huge issue for organizations, irrespective of size.with the BYOD trend attaining popularity, employees work on a variety of devices, with each becoming a vector for malware to be injected in the system. Also, a bone of contention is hosting confidential data in third-party, public server, versus an in-house private cloud server. who possesses access to it. Certain compliance laws such as HIPAA, PCI-DSS, etc necessitate that data stored in the cloud adheres to the rules and regulation. As an SMB, you need to follow best practices for Indentity and Access Management (IAM), Encryption, Log Management, Object Versioning, etc. 06 CLOUD INVENTORY & COST TRACKING One of the biggest concerns of SMBs is the cost associated with cloud technologies. Underutilized or unutilized resources are a major reason for ballooning cloud costs. How can SMBs prevent it? Simple, you need cost monitoring tools and automated resource deprovisioning facilities. For example, to test a particular module, the QA team would have requested specific VMs for say, 10 days. However, after usage for about 5 days, they may have forgotten to surrender the VM. This will lead to underutilization of the VM and avoidable costs. Using dashboards,you can monitor daily cloud spend and resource summary reports, for optimum utilization of cloud as well as financial resources. Also, timely billing alerts would be helpful in notifying the admin regarding the spiraling cloud costs. Since businesses deal with classified data of customers, it is important to learn where it is being stored and

07 SCHEDULING Free up your cloud manager s time by scheduling routine tasks such as server deployment, backup and maintenance with Azure s automation capabilities. With this you ensure that work is not suspended even in the event of network, computer and datacenter failures, and you do not suffer due to manual error.purging aged data is also taken care of by scheduling. A major way of cutting down on cloud expenses is to use blob storage facilities economically. By routine elimination of unnecessary data, you can keep a check on operational costs. 08 POLICIES ENFORCEMENTS For example, you can enforce a rule that will prevent users from creating VMs in any other location except US datacenters. Also, you can necessitate users to follow a specific naming convention for all your resources, to have uniform naming standards. The Azure Resource Manager helps you do all this and more with its JSON policy-creation mechanism.in case of a policy breach, the admin is immediately alerted, after which necessary remedial measures can be implemented. 09 VIOLATIONS TRACKING Shadow IT is an ever-present threat for organizations where BYOD is practiced. There is always the risk of employees bringing in devices that have been hijacked. This injects rogue elements in the cloud system and can spell potential disaster for the business. Also, cloud by itself possesses the same risks as an on-premise solution the vulnerabilities are present everywhere. Therefore, it is mandatory for businesses to enforce vulnerability scans in order to track such violations before they turn into uncontrollable and unmitigable issues. SMBs can enforce conventions and rules to be followed in the cloud using policies.this means you can control the activities of your cloud users by assigning them roles and restricting access to specific regions and instance types.

10 11 MONITORING & REMEDIATION Keeping the lights on is a challenging task on cloud, to be done manually. What if a VM suddenly has low disk space or encounters high processor load? How can business continuity be ensured when issues arise after office hours?active monitoring of your cloud system enables business continuity as alerts are resolved swiftly. Also, measures such as orchestratedbackup and disaster recovery, along with auto triggering of remediation and recovery templates/scripts ensure that your business is prepared for any eventuality. LOG MANAGEMENT A world of information hides in plain sight, in your system and application logs. These vital insightsmust be analyzed to monitor and manage the health of your systems. Analyzing log data can help you detect and investigate breaches, and are mandated by many compliance requirements.elastic s ELK (Elasticsearch Logstash - Kibana) stack is the world s most popular open source log management platform, which easily integrates with Microsoft Azure Facebook Saves 16,000 operation hours each day using auto-remediation Contact Tel +1 (425) 310-5375 Email Web www.cloudenablers.com info@cloudenablers.com

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback