High-profile data breaches dominated the headlines this year, reminding enterprises of the importance of a fortified cloud security strategy.
Top cloud providers, such as Microsoft, continue to release new features to help enterprises secure cloud environments. Authentication and identity management, security monitoring, encryption, alerts and other tools help enterprises verify users, discover vulnerabilities and guard against attacks.
Learn which Azure cloud security services will match your needs with this list of terms and technologies:
Azure Security Center: Azure Security Center is a security management and monitoring tool that gives enterprises visibility into their hybrid cloud workloads. It provides a single console with multiple dashboards, enabling cloud admins to centrally manage security policies and ensure compliance. The tool collects and analyzes data from Azure services, VMs and networks to identify risks and makes recommendations.
Azure Key Vault: Azure Key Vault enables users to manage and encrypt keys — such as authentication keys — through hardware security modules (HSMs). Cloud admins can control the keys, grant user authorization to the vault as needed and monitor usage. Enterprises can import keys or create keys in HSMs.
Azure Active Directory (AD): Azure AD is a cloud directory and identity management service that integrates with on-premises AD. It is a multi-tenant service and is geodistributed to ensure availability and reliability. It enables enterprises to use single sign-on capabilities with various SaaS applications, such as Office 365 and Salesforce.com. Also included is a set of Azure cloud security services for multifactor authentication, role-based access control and monitoring. Enterprises can choose from four editions: Free, Basic, Premium P1 and Premium P2. Azure AD for developers is an additional service.
Azure AD B2C: Azure AD B2C is a cloud-based identity management tool for customer-facing web and mobile applications. It scales to meet identity and authentication demands for social, enterprise and local accounts. Admins can use built-in or custom policies for logins, and the service supports open standards, such as OpenID Connect and Security Assertion Markup Language.
Azure AD Domain Services: Azure AD Domain Services is a managed domain service that removes the need for an enterprise to deploy and manage domain controllers and enables the use of existing groups and user accounts. It supports Lightweight Directory Access Protocol, Kerberos and NT LAN Manager authentication and lets admins manage VMs with group policies. The service automatically integrates with Azure AD and is compatible with Windows Server AD.
Azure Multi-Factor Authentication (MFA) : Azure MFA is a service that provides two-step verification to further protect cloud data and applications. Users must provide two pieces of verification through a password, a device or biometrics to gain access to data. Admins can monitor for fraud in real time and receive automated alerts. This Azure cloud security tool works for data in the cloud and also integrates with on-premises AD and applications.