Azure Security Checklist
Waseem Alchaar
Security Architect | Cloud Security & AI | IAM | Sec+ | CYSA+ | AZ-500
Quick overview of of some Azure Security Checklists to double check in your tenant.
? Ensure that multi-factor authentication is enabled for all users
? Ensure that there are no guest users.
? Use Role-Based Access Control to manage access to resources.
? Ensure that 'enable users to memorize multi-factor authentication on devices they trust' is disabled.
? Ensure that 'number of processes required to reset' is set to 2.
? Assure that 'number of days before users are asked to re-confirm their authentication report' is not set to 0.
? Assure that 'caution users on password resets' is set to yes.
? Ensure that 'notify all admins when other admins reset their password?' is set to yes
? Ensure that 'users can comply with apps obtaining company data on their account' is set to none.
? Ensure that 'users can disclose applications' is fixed to no.
? Guarantee that 'guest users agreements are limited' is set to yes.
? Ensure that 'members can request' is set to no.
? Guarantee that 'guests can invite' is set to no.
? Ensure that entrance to the Entra ID administration portal should be limited
? Ensure that 'users can create security associations' is set to none.
? Ensure that 'self-service group administration enabled' is established to no.
领英推荐
? Ensure that 'users who can handle security groups' is set to none.
? Ensure that 'users can create Office 365 groups' is set to no.
? Ensure that 'users who can manage Office 365 groups' is set to none.
? Ensure that 'require multifactor auth to join devices' is set to yes
? Ensure that 'secure transfer required' is arranged to enable.
? Ensure that 'storage service encryption' is set to enabled On SQL servers.
? Ensure that 'auditing' is set to on. On SQL servers,
? Ensure that 'auditing type' is set to blob On SQL servers,
? Ensure that 'threat detection' is set to on. On SQL servers
? Ensure that 'threat detection types' is set to all. On SQL servers.
? Ensure that 'send alerts to' is set.On SQL servers.
? Ensure that 'email service and co-administrators is enabled.
? On SQL servers, ensure that firewall rules are set as appropriate.
? Disable RDP access on network security groups from the internet
? Disable SSH access on network security groups from the internet.
Disclaimer - This post has only been shared for an educational and knowledge-sharing purpose related to Technologies.
#cloudsecurity #cloud #cio #ciso #cybersecurity