Cloud Security Posture Management /CSPM) in Azure
Loaiza Enriquez, Rodolfo (2021)
Loaiza Enriquez, Rodolfo
2021
All rights reserved. This publication is copyrighted. You may download, display and print it for Your own personal use. Commercial use is prohibited.
Julkaisun pysyvä osoite on
https://urn.fi/URN:NBN:fi:amk-2021062916705
https://urn.fi/URN:NBN:fi:amk-2021062916705
Tiivistelmä
Cloud computing is highly vulnerable to cyberattacks and threats due to inadequate change control, misconfiguration, and numerous vendors that utilize distinct strategies and policies with inadequacies for securing cloud-based infrastructure.
The advancement of security measures in cloud computing requires Cloud Security Posture Management for example to establish remote workforce management via policies as well as disaster recovery through business continuity planning by providing continuous threat monitoring and real-time risk monitoring. In this regard, the assessment involved system audit, workshops, and desk review to identify how CSPM can promote high-level configuration of the organization’s cloud environment, promote security posture and enhance proactive cloud monitoring and audit to improve risk monitoring and management besides intensifying cloud management and automating deployment.
The assessment found failed security features in the following domains: Azure Defender, Azure DDoS protection, Access and Permissions and, Network Security. Consequently, the company should evaluate internal policies and protocols to identify appropriate features to install, update, and enable without constraining the established workflow, operational environment and cost management. The company should also embrace security best practices in the management and use of Azure cloud available in the industry and Microsoft Recommendation Center.
The advancement of security measures in cloud computing requires Cloud Security Posture Management for example to establish remote workforce management via policies as well as disaster recovery through business continuity planning by providing continuous threat monitoring and real-time risk monitoring. In this regard, the assessment involved system audit, workshops, and desk review to identify how CSPM can promote high-level configuration of the organization’s cloud environment, promote security posture and enhance proactive cloud monitoring and audit to improve risk monitoring and management besides intensifying cloud management and automating deployment.
The assessment found failed security features in the following domains: Azure Defender, Azure DDoS protection, Access and Permissions and, Network Security. Consequently, the company should evaluate internal policies and protocols to identify appropriate features to install, update, and enable without constraining the established workflow, operational environment and cost management. The company should also embrace security best practices in the management and use of Azure cloud available in the industry and Microsoft Recommendation Center.