Watch videos with subtitles in your language, upload your videos, create your own subtitles! Click here to learn more on "how to Dotsub"


0 (0 Likes / 0 Dislikes)
>> In this video, I'll talk about security threats on the cloud and ways to manage them. Okay so think about how you secure your data center. You have physical security. Who can access the building? Who can touch server X? And so on. And you have digital security. Who can connect to your systems and data over the network? Azure is essentially a network of large data centers distributed throughout the globe, dealing with the same issues just at a larger scale. When it comes to physical security, Microsoft invests heavily to protect Azure's infrastructure with walls, cameras, gates, security personnel, as well as strict procedures for employees. In fact, Microsoft has gained more security certifications from outside auditors than any other cloud vendor to date. Now when it comes to digital security, things are a bit more complex. Data can travel in many different ways in the cloud, within a data center, between data centers, and all over the internet. When you're considering attacks, you must consider how attackers gain access by compromising each resource or communication. And there are real security threats when you employ compute resources like virtual machines that run your applications and services in the cloud as well as to the data stored in the cloud and data traveling outside of Azure and across the public internet. There's also real security threats at each endpoint, like user devices or computers, that can stream data or services. Because there's so many moving parts with digital security, Microsoft and the customer must partner together to ensure the proper administration of compute and storage resources. Microsoft provides tools that help you mitigate security threats, but you must use these tools to protect the resources you use. Here's an example. Let's say you use one of Azure's database services to store important data. Microsoft will manage the hardware and software patches for you so you needn't worry about physical security or having the latest software updates. Microsoft, however, doesn't know how you intend to use your data nor does Microsoft access your data. But it does provide ways for you to ensure it's available only to approved eyes. To do that, Microsoft provides two-factor authentication and role-based access control to authorized users. Microsoft can also encrypt your data, which provides a second layer of security in case of a breach. And when this data must travel outside of Azure to businesses or mobile devices, Microsoft provides ways to transmit data over a TLS security layer while you determine which accounts can receive and decrypt that data. Microsoft will also provide tools to help you monitor access to your resources. You can monitor login failures, login attempts from suspicious locations, and so on. But it's up to you to interpret login attempts and to suspend accounts that may have been compromised. Likewise, Microsoft provides automatic denial of service protection and also provides real-time telemetry to see where requests are coming from along with firewalls to block potentially malicious traffic. As you know, there might be all different kinds of security threat factors to consider. But securing your Azure resources isn't drastically different from how you secure your on-prem resources, yet it's critical that you understand your responsibilities and the tools you have.

Video Details

Duration: 3 minutes and 5 seconds
Language: English
License: Dotsub - Standard License
Genre: None
Views: 8
Posted by: csintl on Sep 10, 2018


Caption and Translate

    Sign In/Register for Dotsub above to caption this video.