• Latest
  • Trending
  • All
  • News
  • Business
  • Politics
  • Science
  • World
  • Lifestyle
  • Tech
Seattle Seahawks Shift From Microsoft Azure to Amazon Web Services

The biggest Microsoft Azure security issues you need to know about

December 10, 2020
How to use Microsoft Sysmon, Azure Sentinel to log security events

Microsoft Cloud Announces Three New Vertical Cloud Solutions

February 26, 2021
Innovative solutions for IT workers at home

Privacera Announces Partnership with Talend for Rapid Cloud Data Integration and Governance with Automated Privacy and Compliance

February 26, 2021
Innovative solutions for IT workers at home

What is database encryption?

February 26, 2021
A moment of reckoning: the need for a strong and global cybersecurity response

Microsoft Releases Azure Firewall Premium in Public Preview

February 26, 2021
Telecom Provider Migrates Confidently to Microsoft Azure with Fortinet’s Dynamic Cloud Security Solutions

Veeam Backup & Replication 11: Enhanced data management for a multi-cloud environment

February 25, 2021
8×8 makes raft of updates to platform

Advancing the Orchestration of Distributed Edge Applications, ZEDEDA Integrates with Microsoft Azure IoT

February 25, 2021
A moment of reckoning: the need for a strong and global cybersecurity response

Cloud Security in Banking Market to Witness Huge Growth by 2026 | Microsoft Azure, Trend Micro, Salesforce

February 25, 2021
Innovative solutions for IT workers at home

ZEDEDA Announces Integration with Microsoft Azure IoT to Seamlessly and Securely Orchestrate Distributed Edge Computing Workloads at Scale

February 24, 2021
A moment of reckoning: the need for a strong and global cybersecurity response

ZEDEDA integrates with Microsoft Azure IoT to provide full lifecycle management capabilities

February 24, 2021
Innovative solutions for IT workers at home

SolarWinds Attack: Proof That On-Premises Active Directory Still an Effective Initial Access Vector

February 23, 2021
A moment of reckoning: the need for a strong and global cybersecurity response

Microsoft Affirms Solorigate Attackers Saw Azure, Intune and Exchange Source Code

February 23, 2021
How to use Microsoft Sysmon, Azure Sentinel to log security events

OPS101 – Securing your Hybrid environment – Part 1 – Azure Security Center

February 22, 2021
  • About
  • Advertise
  • Privacy & Policy
  • Contact
Monday, March 1, 2021
  • Login
Azure Security News
  • Home
    • Home – Layout 1
    • Home – Layout 2
    • Home – Layout 3
    • Home – Layout 4
    • Home – Layout 5
  • News
    • All
    • Business
    • Politics
    • Science
    • World
    How to use Microsoft Sysmon, Azure Sentinel to log security events

    Microsoft Cloud Announces Three New Vertical Cloud Solutions

    Innovative solutions for IT workers at home

    Privacera Announces Partnership with Talend for Rapid Cloud Data Integration and Governance with Automated Privacy and Compliance

    Innovative solutions for IT workers at home

    What is database encryption?

    A moment of reckoning: the need for a strong and global cybersecurity response

    Cloud Security in Banking Market to Witness Huge Growth by 2026 | Microsoft Azure, Trend Micro, Salesforce

    Innovative solutions for IT workers at home

    ZEDEDA Announces Integration with Microsoft Azure IoT to Seamlessly and Securely Orchestrate Distributed Edge Computing Workloads at Scale

    A moment of reckoning: the need for a strong and global cybersecurity response

    ZEDEDA integrates with Microsoft Azure IoT to provide full lifecycle management capabilities

    Innovative solutions for IT workers at home

    SolarWinds Attack: Proof That On-Premises Active Directory Still an Effective Initial Access Vector

    A moment of reckoning: the need for a strong and global cybersecurity response

    Microsoft Affirms Solorigate Attackers Saw Azure, Intune and Exchange Source Code

    8×8 makes raft of updates to platform

    Indonesian Mobile Operator Selects NTT for Microsoft Security Project

    Microsoft To Build New Azure Cloud Data Centers In Greece

    NTT completes Microsoft security project for Indonesian mobile operator

    Trending Tags

    • Donald Trump
    • Future of News
    • Climate Change
    • Market Stories
    • Election Results
    • Flat Earth
  • Tech
    • All
    • Apps
    • Gear
    • Mobile
    • Startup
    A moment of reckoning: the need for a strong and global cybersecurity response

    Microsoft Releases Azure Firewall Premium in Public Preview

    Telecom Provider Migrates Confidently to Microsoft Azure with Fortinet’s Dynamic Cloud Security Solutions

    Veeam Backup & Replication 11: Enhanced data management for a multi-cloud environment

    8×8 makes raft of updates to platform

    Advancing the Orchestration of Distributed Edge Applications, ZEDEDA Integrates with Microsoft Azure IoT

    How to use Microsoft Sysmon, Azure Sentinel to log security events

    OPS101 – Securing your Hybrid environment – Part 1 – Azure Security Center

    A moment of reckoning: the need for a strong and global cybersecurity response

    Microsoft Ending Azure Information Protection Connections to Microsoft Defender for Endpoint

    Microsoft To Open Azure Cloud Data Center Region In Spain

    EMC Corporation Townsend security Hewlett-Packard Enterprise Gemalto N.V. Microsoft Azure Google Thales e-security International Business Machines (IBM) Broadcom

    A moment of reckoning: the need for a strong and global cybersecurity response

    Azure Engineer at VillageMD

    Innovative solutions for IT workers at home

    How to Sync On-Premise Active Directory Passwords with Office 365 and Google Apps in Real-Time

    Microsoft Azure Forms Collaboration to Enhance AI in Healthcare

    Azure Defender is now available for all IoT and OT devices

    Telecom Provider Migrates Confidently to Microsoft Azure with Fortinet’s Dynamic Cloud Security Solutions

    Google and Microsoft ID Group Targeting Security Researchers

    Trending Tags

    • Flat Earth
    • Sillicon Valley
    • Mr. Robot
    • MotoGP 2017
    • Golden Globes
    • Future of News
  • Entertainment
    • All
    • Gaming
    • Movie
    • Music
    • Sports
    Microsoft Flight Simulator Continues to Look Stunning in New Snow Video

    Microsoft Flight Simulator Continues to Look Stunning in New Snow Video

    Meet the woman who’s making consumer boycotts great again

    New campaign wants you to raise funds for abuse victims by ditching the razor

    Twitter tweaks video again, adding view counts for some users

    A beginner’s guide to the legendary Tim Tam biscuit, now available in America

    People are handing out badges at Tube stations to tackle loneliness

    Trump’s H-1B Visa Bill spooks India’s IT companies

    Magical fish basically has the power to conjure its own Patronus

    This Filipino guy channels his inner Miss Universe by strutting in six-inch heels and speedos

    Oil spill off India’s southern coast leaves fisherman stranded, marine life impacted

  • Lifestyle
    • All
    • Fashion
    • Food
    • Health
    • Travel
    Microsoft Seriously Beefs Up Security in Windows Server 2019

    Microsoft Offers More ‘Solorigate’ Advice Using Microsoft 365 Defender Tools

    A moment of reckoning: the need for a strong and global cybersecurity response

    Solar Winds, Office 365 & Shipbuilding…

    Aruba ClearPass Policy Manager Integrates with Microsoft

    Imprivata Expands Collaboration with Microsoft on New Digital Identity Innovations

    Microsoft Seriously Beefs Up Security in Windows Server 2019

    Microsoft Canada’s 10 biggest stories of 2020

    FAA issues new proposed Boeing 737 MAX pilot training procedures

    FAA issues new proposed Boeing 737 MAX pilot training procedures

    AMD breaks revenue records for 2019 and 4Q

    AMD breaks revenue records for 2019 and 4Q

    Microsoft and Analog Devices pair on 3D imaging tech

    Microsoft and Analog Devices pair on 3D imaging tech

    Microsoft is killing off insecure Cloud App Security cipher suites

    Microsoft is killing off insecure Cloud App Security cipher suites

    Rap group call out publication for using their image in place of ‘gang’

    Meet the woman who’s making consumer boycotts great again

    Trending Tags

    • Golden Globes
    • Mr. Robot
    • MotoGP 2017
    • Climate Change
    • Flat Earth
No Result
View All Result
Azure Security News
No Result
View All Result
Home News

The biggest Microsoft Azure security issues you need to know about

by AZURE SECURITY NEWS EDITOR
December 10, 2020
in News
0
Seattle Seahawks Shift From Microsoft Azure to Amazon Web Services
492
SHARES
1.4k
VIEWS
Share on FacebookShare on Twitter

Public cloud providers like Microsoft Azure introduce a unique set of security challenges for solution providers to grapple with as customers increasingly shift workloads to the more cost-effective platform.

Microsoft’s deep roots in the enterprise space have created a somewhat different customer profile and threat landscape for Azure as compared with the cloud platforms at more historically consumer-oriented companies like Amazon and Google.

On one hand, adversaries have spent decades creating malware and exploits that can now be used to target Azure’s identification tools and blob storage. But on the other, Microsoft’s business focus meant that it was early to the cloud firewall game and has tools in place to lock down ports and secure virtual machines.

From focusing more heavily on applications than infrastructure to having more customers with data that’s private and inaccessible over the internet, here are eight of the biggest Microsoft Azure security issues solution providers are grappling with.

Greater focus on applications than infrastructure

Microsoft is definitely more focused on Azure applications, and has changed the conversation to be more around SaaS and APIs rather than how to build or migrate architecture, according to John Maddison, Fortinet’s EVP of products and solutions.

AWS is the largest public cloud provider, and has remained very focused on infrastructure-as-a-service, Maddison said. In contrast, Maddison said Microsoft’s role in Azure has resulted in conversations being more around Office 365, the Windows suite, and wrapping applications into a secure package.

Azure implementations have some security built in, and customers can turn to third parties for further security enhancements, Maddison said. Similarly, Maddison said Microsoft offers its own security for Office 365 migrations, which can be complemented by sandboxing or additional email scans via a third-party SaaS or API service.

Azure blob storage is common target of hackers

Azure has been abused a bit more than AWS in actual attacker stagecraft since it is a trusted environment that can be set up for free, and that’s expected to continue going forward, according to Ryan Kalember, Proofpoint’s EVP of cybersecurity strategy.

Attackers are very familiar with the Microsoft ecosystem, Kalember said, and have found SharePoint to be a wonderful tool for staging malware-based attacks via malicious link along with using compromise Office 365 accounts to launch attacks on third-party targets. Kalember said a PDF-based phishing campaign associated with Hurricane Michael actually pointed to pages hosted on Azure blob storage.

Campaigns oriented around Azure blob storage are incredibly cheap and very effective because it is by default trusted, and they occur pretty often since attackers are more familiar with the Microsoft ecosystem, Kalember said. Kalember said that Azure blob storage isn’t the type of IP that should be whitelisted, and recommended that anything done in a user’s own environment not blindly trust Azure.

Azure firewall is less mature, but easier to deploy

Azure’s firewall isn’t as mature as those offered by traditional firewall vendors, but doesn’t require customers to work as hard at deploying it, according to Reuven Harrison, Tufin’s co-founder and CTO. Specifically, Harrison said the Azure firewall has the advantage of being immediately available without requiring lots of configuration work.

Azure was the first provider to offer a cloud service with a firewall since Microsoft knows the pain points of enterprises and understood that enterprise security teams want to be able to use a firewall, Harrison said. The Azure tool is easy for firewall teams to get their hands around and use to gain control over a security environment, according to Harrison.

But all the traditional firewall vendors also have options that work in the cloud and provide rich functionality, Harrison said.

Subject to lots of identity-based attacks

Microsoft has moved its on-premise identity tools to the cloud, which it pushes heavily to be used around Azure, said Bitglass CTO Anurag Kahol. Organisations typically use active directory from a CASB (cloud access security broker) tool to provide identity protection around AWS, but in Azure, Kahol said businesses typically end up using Microsoft’s identity tools for their entire company.

People from different countries attempt to provision attacks against Azure by trying to use an organisation’s tenant ID and passwords across all sites, Kahol said. As a result, Kahol said he’s seen more identity-based attacks against Azure than AWS.

Kahol recommends that businesses pursue an architecture that not only relies on the Microsoft identity features, but also gets separate authentication capabilities from a CASB tool like Bitglass. If the identity of a user is known, Kahol said CASBs are in a much better position to correlate the different types of access happening across a server.

Azure deployments tend to be IT-centric, not cloud-centric

A lot of the Infrastructure-as-a-Service deployment in Azure tends to be IT-centric rather than cloud-centric due to Microsoft’s relationships with traditional enterprises, said Kaushik Narayan, CTO of McAfee’s cloud business unit. Narayan said data on Azure therefore tends to be private, and less accessible over the internet than AWS environments.

As a result, Kaushik said attacks over the network are slightly less likely with Azure than with AWS. Instead, Kaushik said components like the Azure Cosmos DB database service tend to be more of a target for hackers since they’re open to the internet.

The sheer isolation of traditional computing systems provides a lot of protection, but that isolation of private data can be lost in Azure even if it’s unintentional, said John Dodds, McAfee’s director of product management. Businesses are more likely to be susceptible to risks they haven’t thought much about such as having sensitive data sitting in Cosmos, Dodds said.

More frequently targeted with malware

Malware has been a big problem for Windows since it’s an obvious way to gain control over a machine, which has resulted in Microsoft being a frequent target, according to Aditya Joshi, Threat Stack’s EVP of products and technology.

Microsoft has an anti-malware offering that integrates with the Azure Security Center, Joshi said, and third-party anti-malware tools can address the issue as well. Joshi said Microsoft has excelled at being a development-centric company and bringing different security offerings together.

Windows and Linux are fundamentally different operating systems with security domains that function and need to be supported in very different ways, Joshi said. And when it comes to supporting Windows, Joshi said that Microsoft Azure has clear advantages over the other cloud providers.

Ports that haven’t been properly secured

Customers have taken advantage of a feature in the Azure Security Center called Just-in-Time that shuts down ports while concurrently enabling virtual machines, according to Scott Woodgate, senior director of Microsoft Azure Management and Security Marketing.

The feature dramatically decreases Azure’s susceptibility to super-common threat vectors like RDP (remote desktop protocol)-based attacks by making it so that a legitimate user has access only from a specific IP address for just one-to-three hours, Woodgate said. Just-In-Time was introduced 18 months ago, Woodgate said, and can be turned on with the click of a button.

The fundamental benefit of Just-in-Time is the additional layer of protection it provides on virtual machines, Woodgate said. In addition, Woodgate said the feature should reduce the responsibilities of the SOC (security operations center) around patching or upgrading tools, which in turn would provide them with more time to focus on hunting threats.

Has reputation of being more proprietary in nature

Microsoft has the strong reputation of being more proprietary in nature, which creates an additional hurdle for companies looking to both use open-source tools and work in the Microsoft realm, according to Tim Mackey, principal security strategist with the Synopsys Cybersecurity Research Center.

One way to bridge that gap, though, is through the adoption of Kubernetes and other containerisation technology, which Mackey said Microsoft has done fantastic work in. Organisations that have gone down the Microsoft path are in a good position to leverage their competency around containers capitalize on things like Azure DevOps, Mackey said.

Changing cloud providers under conventional circumstances can be difficult and costly, Mackey said. But Kubernetes’ ability to abstract away the management plane that cloud providers put in place around workloads makes it easier for organisations to spread their eggs across multiple cloud provider baskets, according to Mackey.

Reference:https://www.crn.com.au/news/the-biggest-microsoft-azure-security-issues-you-need-to-know-about-526789

Share197Tweet123Share49
AZURE SECURITY NEWS EDITOR

AZURE SECURITY NEWS EDITOR

Related Posts

How to use Microsoft Sysmon, Azure Sentinel to log security events

Microsoft Cloud Announces Three New Vertical Cloud Solutions

by AZURE SECURITY NEWS EDITOR
February 26, 2021
0

Microsoft is boosting its industry-cloud solutions with the announcement of three new programs. To help get these new Azure offerings...

Innovative solutions for IT workers at home

Privacera Announces Partnership with Talend for Rapid Cloud Data Integration and Governance with Automated Privacy and Compliance

by AZURE SECURITY NEWS EDITOR
February 26, 2021
0

 Privacera, the cloud data governance and security leader founded by the creators of Apache Ranger™, today announced a technology partnership...

Innovative solutions for IT workers at home

What is database encryption?

by AZURE SECURITY NEWS EDITOR
February 26, 2021
0

Database encryption protects sensitive information by scrambling the data when it’s stored, or, as it has become popular to say,...

A moment of reckoning: the need for a strong and global cybersecurity response

Cloud Security in Banking Market to Witness Huge Growth by 2026 | Microsoft Azure, Trend Micro, Salesforce

by AZURE SECURITY NEWS EDITOR
February 25, 2021
0

Latest launched research document on Global Cloud Security in Banking Market study of 111 Pages provides detailed analysis with presentable...

  • Trending
  • Comments
  • Latest
Microsoft’s CyberX Acquisition Boosts Security of Azure IoT Lineup

AZURE DEFAULT RESOURCE GROUP AND DEFAULT WORKSPACE: WHAT ARE THEY?

December 14, 2020
Microsoft Seriously Beefs Up Security in Windows Server 2019

TCS Launches Cloud Exponence on Microsoft Azure

January 21, 2021
Microsoft Launches Host of Security Products in Time for RSA

Microsoft to add two new Microsoft 365 security, compliance bundles to its line-up

November 26, 2020

Lady Gaga Pulled Off One of the Best Halftime Shows Ever

0

Barack Obama’s Now Mainly Focusing on Wearing This Casual Backwards Hat

0

Watch Justin Timberlake’s ‘Cry Me a River’ Come to Life in Mesmerizing Dance

0
How to use Microsoft Sysmon, Azure Sentinel to log security events

Microsoft Cloud Announces Three New Vertical Cloud Solutions

February 26, 2021
Innovative solutions for IT workers at home

Privacera Announces Partnership with Talend for Rapid Cloud Data Integration and Governance with Automated Privacy and Compliance

February 26, 2021
Innovative solutions for IT workers at home

What is database encryption?

February 26, 2021
Azure Security News

Copyright © 2020 - Azure Security

Navigate Site

  • About
  • Advertise
  • Privacy & Policy
  • Contact

Follow Us

No Result
View All Result
  • Home
  • News
    • Politics
    • Business
    • World
    • Science
  • Entertainment
    • Gaming
    • Music
    • Movie
    • Sports
  • Tech
    • Apps
    • Gear
    • Mobile
    • Startup
  • Lifestyle
    • Food
    • Fashion
    • Health
    • Travel

Copyright © 2020 - Azure Security

Welcome Back!

Login to your account below

Forgotten Password?

Create New Account!

Fill the forms below to register

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In