Cloud security is the protection of data, applications, and infrastructures in cloud computing. While many understand the advantages of the cloud against on-premises infrastructure, they feel also threatened by eventual security threats. Hence, in this article we discuss cloud security and cybersecurity challenge. Furthermore we give some actionable insights on how you can protect yourself.

In many aspects cloud security is not hugely different from the traditional IT security. They are both impacted by cybersecurity challenges. While some angles are different, in both contexts security is all about:

• knowing the current state of security,
• getting alerts immediately if anything unusual happens,
• and handling unexpected events.

According to Gartner, cloud is a convenient solution to address the top three priorities of companies in today’s IT environment:

• optimize IT costs,
• support and secure a remote workforce,
• and ensure resiliency

In fact, recent Gartner survey data indicates that 70% of organizations using cloud services today plan to increase their cloud spending. As enterprises increase investments in mobility, collaboration, and other remote working technologies and infrastructure, Gartner expects growth in public cloud to be sustained through 2024.

More on the Gartner study: https://www.gartner.com/en/newsroom/press-releases/2020-11-17-gartner-forecasts-worldwide-public-cloud-end-user-spending-to-grow-18-percent-in-2021

Working remotely is becoming more common these days. As a result, security becomes a crucial issue that poses a great challenge to businesses. Cybercrime, however, is constant. We’ve seen that cybercriminals continue — and sometimes escalate — their activity in times of rapid change. Defending against cybercriminals is a complex, ever evolving, and never-ending challenge.

• • • Rapidly changing workloads & Insecure Configurations – Rapidly changing workloads is both a strength and a challenge of the cloud. On the one hand, end users are empowered to do more. On the other, how do you make sure that the ever-changing services people are using and creating are up to your security standards and follow security best practices?​ It’s critical to continuously monitor your workloads, tracking new ones and insecure configurations.
    • Increasingly sophisticated attacks – At DexMach, we also witness increasingly sophisticated attacks wherever you run your workloads. You must secure your public cloud workloads, which are an Internet-facing workload that can leave you even more vulnerable if you don’t follow security best practices.​
    • Visibility into security and compliance – The number of security alerts far outnumbers the number of administrators with the necessary background and experience to make sure your environments are protected. Having end-to-end visibility into your security and compliance, and staying up-to-date with the latest attacks is a constant challenge. It makes it impossible to stay in place while the world of security is an ever-changing front (1)

1 – What is Azure Security Center? | Microsoft Docs

Partner up with the experts in cloud security so that they can provide you with clear, actionable insights. Microsoft has been positioned as highest in the ability to execute endpoint protection and to provide an end-to-end view amongst all providers. DexMach, as an awarded Microsoft partner, has a customer obsessed approach, just as Microsoft. Mapping customers’ environment and ambition and translating them into a clear roadmap is our strong suit. We believe in empowering our customers by providing control through powerful knowledge transfer, simplified cloud management and insights on their security state.

If you would like to discover your current security score, fill out the well-architected questionnaire.

Or you can directly opt for our 3 days’ workshop to map your security environment and test it in your environment.

To get you started, we would like to highlight some actionable learnings from Microsoft’s Digital Defense Report focusin on the cloud platform:

• Adopt a Zero Trust mindset
• Know your perimeter
• Adopt multifactor authentication, Limit access with least privilege & go passwordless
• Modernize VPN architectures and keep patching apps and systems
• Manage configuration changes
• Implement a secure software development lifecycle
• Monitor cross-cloud security
• Limit access with least privilege
• Use tools that leverage machine learning to increase fidelity and reduce alert fatigue
• Manage the convergence of OT and IT
• Invest in user training (and keep training)
• Adopt a Zero Trust mindset

Read more on these and other actionable learnings here: FY20 Microsoft Digital Defense Report

Azure Security Center is a critical tool to secure your multi-cloud workloads while it reduces your security costs and delivers a great ROI. A Forrester Consulting study on the financial impact of Azure Security Center has just revealed some interesting results:

• delivers 219 percent return on investment (ROI) over three years
• delivers a payback of less than six months
• reduces the risk of a cloud security breach by up to 25 percent
• reduces time to threat mitigation by 50 percent
• reduces the cost of third-party security tools and services from consolidation by over $200,000 annually.

You can read here about this study more in details: Forrester Consulting TEI Study: Forrester Consulting TEI Study: Azure Security Center delivers 219 percent ROI over 3 years and a payback of less than 6 months – Microsoft Security Blog

Azure Defender protects Azure and hybrid environments and ensures your cloud infrastructure resources are protected from common threats such as brute-forcing virtual machines, or attacking storage or SQL injection, or even mitigating threats against containers, the key management service or IoT devices.   

Azure Defender delivers protection for all these resources from directly within the Azure experience. Moreover, it extends protection to on-premises and multi-cloud virtual machines and SQL databases using Azure Arc. Customers already using Azure Security Center are already using Azure Defender capabilities. 

Its goal is to simplify the experience for defenders with a central operational dashboard. Then, with the help of this central dashboard, users can easily see which resources are protected and get alert status across all resources.  In addition, Microsoft has continued to enhance the threat protection capabilities with extended detection and response. Now available for SQL on-premises and enhancements to container threat protection. Azure Defender is also protecting non-Azure resources, doing so via the multi-Cloud on-boarding in Azure Security Center and Azure Arc. 

In Azure Defender you can choose amongst different plans, in our upcoming blog series we will discuss Azure Defender for App Service and Azure Defender for Kubernetes in more detail. Stay tuned!

If you ready to level up your security, do not hesitate to reach out to us. We were Microsoft partner of the year in 2020, finalist in 2021 and we are an Azure Expert MSP partner. Also, we earned numerous Microsoft Advanced Specializations, amongst others threat protection, and identity and access management. But besides the theory, we have quite some happy customers and years of field experience earned through those real-life projects.