A 10 Step Program to Azure Security Center Success

Getting started with a new service is never actually “easy”. Yes, I admit that we often say “easily do thus and such” and then when you get to the actual planning, design, implementation and management, that “easy” was used as a relative term . We’ve all been there and we know the drill.

But just because a service is new doesn’t mean that it has to be painful! In fact, if you have the right roadmap, it’s actually pretty fun (and isn’t that why we’re in the IT security business after all?)

The good news is that Azure Security Center *is* easy to use. I would say that it’s probably one of the easiest Azure services you’ll ever work with! The trick is to figure out where to start. That’s what this article is about - we’ll offer here a 10-step program that you can use to get started on the right foot and speed your way to Azure Security Center success.

Let’s get started!

1. Get to know Azure Security Center and understand why you need it

First things first. Why do you care about Azure Security Center? What does it have to offer and what problems does it solve for you?

To answer those questions, check out:

• Azure Security Center Service Overview
• Introduction to Azure Security Center

2. Understand data security and privacy issues with Azure Security Center data collection

Now that you know what Azure Security Center has to offer and how it helps you solve some important security issues for the solutions you host in Azure, the next step is to make sure you understand how we handle the data we store for Azure Security Center’s use. To help you with that read:

• Azure Security Center Data Security

3. Get an idea of how much it costs to use Azure Security Center

Are you all in? We hope so! But everyone has to deal with budgets so you’re going to need to know how much Azure Security Center is going to cost. You can get these numbers from:

• Azure Security Center pricing

4. Carefully plan how you’re going to use Azure Security Center to get the most out of it

Someone once said that failure to plan is planning to fail. You don’t want to fail! To help you get things done right from the beginning, you’ll want to know what you need to do to get things arranged to meet your security operations goals. To help you with this, we have the:

• Azure Security Center planning and operations guide

5. Get started on your Azure Security Implementation by configuring Security Policies

In a nutshell, Azure Security Center “security policies” define a set of things we look at so that we can provide you recommendations and alerts. This helps us and you focus on what’s important and not focus on irrelevant information. Get a jump on Azure Security Center policy configuration by reading:

• Setting security policies in Azure Security Center

6. Evaluate and act on Security Recommendations made by Azure Security Center

After Azure Security Center security policies are configured, we’ll start analyzing your subscription or resource groups for possible security issues. When the analysis is complete, we’ll provide you a collection of recommendations. For each of the recommendations, we’ll help you mitigate them with “one-click” solutions or provide you pointers to guidance that will streamline your efforts at getting things fixed. You can learn more about security recommendations by reading:

• Managing security recommendations in Azure Security Center

7. Learn how Azure Security Center uses cutting edge advanced threat detection to generate alerts

Not only does Azure Security Center continuously monitor your deployment for security configuration issues (it’s not just a one-time vulnerability assessment, we keep looking and looking), we also will alert you to possible threats and provide you advise on how to mitigate them. If you’re curious about how we discover advanced threats that you need to protect yourself from today, check out:

• Azure Security Center threat detection capabilities

8. Drill down to evaluate general and individual security health status

As I said, we don’t do a one-time vulnerability assessment, we keep looking and looking and analyzing your deployment for security issues. Learn more about what we find and how you can act on your findings by reading:

• Security health monitoring in Azure Security Center

9. View Azure Security Alerts and mitigate the threats

Danger Will Robinson, alert! alert! After Azure Security Center detects alerts, you’ll want to see what’s happening and do something about it. To help you find and respond to alerts, make sure you read:

• Managing and responding to security alerts in Azure Security Center

10. Troubleshoot problems with Azure Security Center

Got to the cloud and your configuration and management problems will be gone! Well, that’s what we hope, but we know problems are always with us – the key is to reduce them to as few as possible. If you do run into problems with Azure Security Center, run on over to Azure.com and read this:

• Azure Security Center Troubleshooting Guide

We hope you find this article useful! I want to extend a hat tip to Yuri Diogenes, who significantly inspired this article.

Thanks!

Tom

Tom Shinder
Program Manager, Azure Security
@tshinder | Facebook | LinkedIn | Email | Web | Bing me! | GOOG me!