A Practical Guide to Designing Secure Health Solutions Using Microsoft Azure

  • Article

Today I’m very happy to announce a new industry vertical white paper related to Azure Security.

The name of the white paper is A Practical Guide to Designing Secure Health Solutions Using Microsoft Azure. In it you’ll receive guidance around considerations you need to make regarding the secure use and implementation Azure cloud technology.

These considerations center around:

  • Risk management
  • Shared responsibility
  • Establishing an information security management system
  • Understanding industry and local regulations
  • Establishing standard operating procedures 

The paper also outlines and provides recommendations targeted at 13 security principles that are aligned to both a standard information security management standard (such as ISO 27001) and standard development processes (such as Microsoft’s Security Development Lifecycle [SDL]). You’ll also get a practical view of the key principles by applying them in a “lift and shift” healthcare-based case study.

What’s inside?image

The table of contents includes:

Compliance and Security Methodology
Standard Operating Procedures
Incorporating Regulatory Considerations – Health Industry
Shared Responsibilities
Key Principles and Recommendations for Secure Development and Operations       

     1. Enable identity and authentication solutions      

     2. Use appropriate access controls

     3. Use industry-recommended, enterprise-wide antimalware solution             

     4. Effective certificate acquisition and management            

     5. Encrypt all customer data           

     6. Penetration testing        

     7. Threat modeling services and applications          

     8. Log security events, implement monitoring and visualization capabilities

     9. Determine the root cause of incidents    

     10. Train all staff in cyber security   

     11. Patch all systems and ensure security updates are deployed       

     12. Keep service and server inventory current and up-to-date           

     13. Maintain clear server configuration with security in mind            

Applying Key Principles in Use Case of Lift and Shift | Implementation of a Healthcare Application

We all had a great time putting this paper together for you and hope that you’ll find some valuable information inside. Please let us know if there’s anything in the paper that we can elaborate on, or if you have some suggestions for additional content. Just put a comment below and we’ll quickly address your response.

Thanks!

Tom
Tom Shinder
Project Manager, Azure Security Engineering
@tshinder | Facebook | LinkedIn | Email | Web | Bing me! | GOOG me!

image