This article was originally posted to the Microsoft Azure blog.
As the world comes together to combat COVID-19, and remote work becomes a critical capability for many companies, customers have asked us how to best maintain the security posture of their cloud assets while enabling more remote workers to access them.
Misconfiguration of cloud security controls has been at the root of several recent data breaches, so it’s extremely important to continue monitoring your security posture as usage of cloud assets increases.
To help you prioritize the actions that you need to take, we are listing three common scenarios for remote workers and how to leverage Azure Security Center security controls to prioritize relevant recommendations for these scenarios:
1. As more users need to access resources remotely, you need to ensure that Multi-Factor Authentication (MFA) is enabled to enhance their identity protection.
- Azure Security Center has a security control called Enable MFA. Ideally, you should remediate all recommendations that are part of this security control.
2. Some users might need remote access via RDP or SSH to servers that are in your Azure infrastructure.
- Instead of allowing full 24 x 7 access to those servers, ensure that you are using Just-In-Time (JIT) VM access to those servers. Make sure to review the Secure management ports control in Azure Security Center and remediate the recommendations that are relevant for this scenario.
3. Some of the workloads (servers, containers, databases) that will be accessed remotely by users might be missing critical security updates.
- Review the Remediate vulnerabilities control in Azure Security Center to prioritize the updates that must be installed. Make sure to review the results of all recommendations in the built-in vulnerability assessment and remediate those items.
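For scenario 2 above, the following is an added example (not from the original post and not Azure Security Center's own logic) that checks a network security group for RDP or SSH left open to the internet around the clock, which is the exposure JIT VM access is meant to replace. It assumes the JSON shape emitted by `az network nsg list`; the sample NSG and its rule names are constructed, and only rules with a broad source are evaluated, in priority order.

```python
import json

MGMT_PORTS = (22, 3389)                         # SSH, RDP
BROAD_SOURCES = {"*", "internet", "0.0.0.0/0"}  # any address or the Internet tag

# Constructed sample in the shape of `az network nsg list` output (assumption).
SAMPLE_NSG = json.loads("""
{"name": "example-nsg", "securityRules": [
 {"name": "allow-rdp-any", "priority": 300, "direction": "Inbound", "access": "Allow", "protocol": "Tcp", "sourceAddressPrefix": "*", "destinationPortRange": "3389"},
 {"name": "deny-ssh-internet", "priority": 200, "direction": "Inbound", "access": "Deny", "protocol": "*", "sourceAddressPrefix": "Internet", "destinationPortRange": "22"},
 {"name": "allow-wide-range", "priority": 400, "direction": "Inbound", "access": "Allow", "protocol": "Tcp", "sourceAddressPrefix": "0.0.0.0/0", "destinationPortRanges": ["20-25", "443"]}
]}
""")

def _values(rule, single, plural):
    """Collect a rule field that appears as a single string, a list, or both."""
    vals = list(rule.get(plural) or [])
    if rule.get(single):
        vals.append(rule[single])
    return vals

def _covers(port_spec, port):
    """True if a port spec such as '*', '22' or '1000-4000' includes port."""
    if port_spec == "*":
        return True
    lo, _, hi = port_spec.partition("-")
    return int(lo) <= port <= int(hi or lo)

def exposed_management_ports(nsg):
    """Return [(port, rule_name)] where the first broad-source inbound rule
    matching a management port is an Allow, i.e. the port is always open."""
    inbound = sorted(
        (r for r in nsg["securityRules"] if r["direction"].lower() == "inbound"),
        key=lambda r: r["priority"])
    findings = []
    for port in MGMT_PORTS:
        for rule in inbound:
            sources = _values(rule, "sourceAddressPrefix", "sourceAddressPrefixes")
            ports = _values(rule, "destinationPortRange", "destinationPortRanges")
            if (rule["protocol"].lower() not in ("tcp", "*")
                    or not any(s.lower() in BROAD_SOURCES for s in sources)
                    or not any(_covers(p, port) for p in ports)):
                continue  # rule does not match internet traffic to this port
            if rule["access"].lower() == "allow":
                findings.append((port, rule["name"]))
            break  # lowest priority number wins; later rules are shadowed
    return findings

if __name__ == "__main__":
    print(exposed_management_ports(SAMPLE_NSG))
```

In the sample, SSH is not reported because the priority-200 deny rule shadows the wide port range allowed at priority 400, while RDP is reported through `allow-rdp-any`.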
Security posture management is an ongoing process. Review your secure score to understand your progress towards a fully compliant environment.
Users of Azure are likely just a portion of your user base. Below is additional guidance on enabling and securing remote work for the rest of your organization: