Here you'll learn what objects to secure in the Windows Azure cloud services.
- View Offline
- [Voiceover] Throughout this course, we will look at the various tools and the methodology for securing the various resources in Azure. But I just wanna run through quickly the actual types of resources that need to be secured. There's lot of data, and there's lot of resources that your organization depends on that is stored in Azure. So what are those, and how are we going to secure them? Well, the how we'll look at throughout the course, but the what is what I wanna briefly look at right now. There are various things that need to be secured programmatically.
So there's certain things that need to be designed to be secure. And one of those things are web apps. Web apps are applications that are going to live within your Azure subscription, and many times they will live in the form of websites. So web app is actually the new word or the new name for websites as part of Azure. And when I go into my web apps, I can actually configure my websites to be securely connected to by enforcing HTTPS. But I may also wanna configure the content of the website to be secure. And that's really a developer topic, but that's part of the development of the actual website, or the web app.
As well, I've got my virtual machines. Now, virtual machines are versions of computers that will virtually run in my Azure subscription and provide services. So this is the infrastructure as a service solution that we mentioned earlier in the course. So Azure is my infrastructure, and my virtual machines will run on that infrastructure, and will provide user access to various resources, will be used for development or testing, or maybe used as production file servers, for example.
So I'll need to secure those virtual machines, secure the operating system that's deployed on those virtual machines, as well as secure the access to those virtual machines. How are my users going to be accessing those virtual machines? Maybe they're going to be using a virtual network, or virtual private network, that's going to offer an encrypted connectivity. Maybe they'll be connecting simply over remote desktop, and will that remote desktop session be secured? Will it be encrypted with SSL? So the virtual machines is one of the most important resources that we'll have to secure on Microsoft Azure.
Now, there are many others. Cloud services also are services that are going to be programmatically configured, and that as part of that development effort, the security will be built in. But we'll also be able to specify access points that will define how you will be accessing those Cloud services, and those access points, you will wanna have those secured with HTTPS as well. Our SQL databases, the databases will hold our data. And those SQL databases natively will be secured, because it's built on SQL technology.
But as well, we will wanna specify access points that will be secured, and we may want to enhance the security of those databases, the permissions of the users that access the databases, as well. So lots of security settings that we can set for your SQL databases. Storage, so what data will be stored inside of your Azure subscription, and how you will configure the encryption of that data. We will set that as part of our storage settings. And storage, or the storage of our data, is one of those important configurations that will hold true for a very long time, when we discussed that whole debate versus security and accessibility.
So we want our data to be encrypted, but we want it to be easily accessible as well to the users that actually need it. And when we configure our storage encryption, we wanna make sure that we provide access to our users to decrypt that data when they need to. So there's many things here that we're gonna be able to secure. But I'm looking at the objects that you will use in a typical environment. Now, if I go a little bit lower down, I've got my networks over here. Now, my networks is where I'm going to specify the access to my Azure subscription, and how that access will be secured or unsecured.
Now, my networks will be virtual networks that I'll design within my infrastructure of my subscription, and then I can specify how the resources will be accessible to various groups of users. I can create a VPN that will extend my On Premises network, or I can create multiple virtual networks in Azure and connect those with their own gateways. The method of connectivity, the amount of encryption that I'm gonna use for that data transfer is going to be defined as part of my network configuration.
Remote apps are applications that are published and available through a portal. Those applications are usually versions of existing applications that are converted as remote apps or virtual applications. And the access point, again, to those applications are going to be secured access points. Or access points that we want to secure. And of course, we've got Active Directory, our repository for identity management and our repository for all our security tools for authentication.
Active Directory is both available On Premises, and in Azure as Azure Active Directory. And remember that Azure Active Directory has a premium edition, which provides some enhanced security functionality. Active Directory is one of the main objects, as well, or the main functionalities of Azure that we will want to apply some proper security practices to.
Here, David Elfassy investigates security concepts related to Azure deployment and services such as Office 365, Exchange, and Azure Active Directory. Find out how to use Azure's built-in security tools, secure virtual machines, implement more robust multifactor authentication, and protect your services and data, including email, documents, and user data. Plus, learn how to configure security certificates for your app deployments using custom domains.
- Securing objects and virtual machines
- Deploying certificates for Azure resources
- Implementing multifactor authentication
- Securing Office 365
- Securing Azure Active Directory