
Common Security Misconfigurations in Azure: A Security Consultant’s Guide

natasha5042

Updated: Feb 4


Although Amazon Web Services remains the market leader in the UK for cloud computing services, Microsoft Azure is quickly closing the gap, as UK-based businesses increasingly adopt both Azure and Microsoft 365 to host their computer resources, store their files, and administer their business operations.

You may be among the many new adopters of Azure as a cloud computing platform. Whether your tenant was supplied by a third-party distributor or you opted to configure the service yourself, you might assume that the default configuration of the platform is sufficiently secure. Unfortunately, this is not the case, and many of the default settings leave your tenants and resources at risk.


Common Misconfigurations 


Inadequate Access Controls 


The most common issue with fresh Azure tenants is the lack of stringent access controls. Any user can, for instance, create new tenants or security groups, access the administration panel, or externally share files that do not belong to them.


Multifactor Authentication 


Multifactor authentication (MFA) is critically important for enhancing the security of any IT environment, making it far more difficult for malicious users to compromise devices or online accounts. There are several ways to implement MFA within Azure, so it can be hard to know which method is best. Per-User MFA and Conditional Access policies are two such methods. You may be tempted to enable both, but when used together in Azure, these methods can lead to a potentially less effective security configuration. Auditing two different MFA methods can be confusing, and the administrative overhead of maintaining two implementations may also lead to errors or oversights.
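One way to audit the overlap described above, as an added example that is not part of the original article. It assumes the tenant's Conditional Access policies and per-user MFA states have already been exported into the shape shown; the tenant data is constructed, and only user and group conditions are evaluated (roles, applications and locations are ignored).

```python
# Added example; all tenant data below is constructed. Field names follow
# Microsoft Graph's conditionalAccessPolicy resource and per-user MFA states.
POLICIES = [
    {"displayName": "Require MFA for all users", "state": "enabled",
     "conditions": {"users": {"includeUsers": ["All"], "excludeUsers": ["u-breakglass"],
                              "includeGroups": [], "excludeGroups": ["g-service"]}},
     "grantControls": {"builtInControls": ["mfa"]}},
    {"displayName": "MFA for finance (report-only)",
     "state": "enabledForReportingButNotEnforced",
     "conditions": {"users": {"includeUsers": [], "excludeUsers": [],
                              "includeGroups": ["g-finance"], "excludeGroups": []}},
     "grantControls": {"builtInControls": ["mfa"]}},
]
USERS = [  # id, group ids, per-user MFA state (disabled / enabled / enforced)
    {"id": "u-alice", "groups": ["g-finance"], "perUserMfaState": "enforced"},
    {"id": "u-bob", "groups": [], "perUserMfaState": "disabled"},
    {"id": "u-breakglass", "groups": [], "perUserMfaState": "enabled"},
    {"id": "u-carol", "groups": ["g-service"], "perUserMfaState": "disabled"},
]

LABELS = {(True, True): "overlap", (True, False): "per-user only",
          (False, True): "conditional-access only", (False, False): "no MFA"}

def ca_mfa_policies(user, policies):
    """Names of enforced CA policies that require MFA and apply to this user."""
    hits = []
    groups = set(user["groups"])
    for p in policies:
        grant = p.get("grantControls") or {}
        if p["state"] != "enabled" or "mfa" not in grant.get("builtInControls", []):
            continue  # report-only and disabled policies enforce nothing
        u = p["conditions"]["users"]
        included = ("All" in u["includeUsers"] or user["id"] in u["includeUsers"]
                    or groups & set(u["includeGroups"]))
        excluded = user["id"] in u["excludeUsers"] or groups & set(u["excludeGroups"])
        if included and not excluded:
            hits.append(p["displayName"])
    return hits

def audit(users, policies):
    """Classify each user by which MFA mechanism, if any, actually covers them."""
    return {u["id"]: LABELS[(u["perUserMfaState"] in ("enabled", "enforced"),
                             bool(ca_mfa_policies(u, policies)))]
            for u in users}

if __name__ == "__main__":
    for uid, status in audit(USERS, POLICIES).items():
        print(f"{uid}: {status}")
```

Accounts reported as "overlap" or "per-user only" are the ones to consolidate onto a single method, and "no MFA" shows where an exclusion has left an account uncovered.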


Lack of Monitoring and Logging 


Event-based alerts are not configured by default within Azure. Actions like creating new billable resources or changing administrator passwords could go unnoticed. Azure Activity Logs also only retain information for 90 days, after which the logs are automatically erased. In the event of a breach, it is imperative that appropriate logs are stored to track illegitimate activity.


Preventing Misconfigurations 

Both Microsoft and the Center for Internet Security (CIS) offer recommendations on how to secure your Azure resources in line with security best practice. However, it can be time-consuming to review the settings yourself. A Cloud Configuration Review performed by a Security Consultant can be a valuable way to understand the weaknesses in your Azure platform and identify areas that need attention and changes.

Contact us at Fortis Cyber® if this is a service your organisation would benefit from. 


Author: Mackenzie Pearce 
