20211219 - Security Enhancements
- Mark Blair (Unlicensed)
Module:
Security
Summary:
Enabled “Azure Defender” for Key Vault, SQL Server and Storage
Ticket:
https://bigdigit.atlassian.net/browse/SWMS-3900
Detail:
Azure Defender for Key Vault
Azure Security Center includes Azure Defender for Key Vault, providing an additional layer of security intelligence.
Azure Defender for Key Vault detects unusual and potentially harmful attempts to access or exploit Key Vault accounts.
We have enabled “Azure Defender for Key Vault” for all our resources.
Azure Defender for SQL servers
Azure Defender for SQL is a unified package that provides advanced SQL security capabilities.
It includes functionality for surfacing and mitigating potential database vulnerabilities, detecting anomalous activities that could indicate a threat to your database, and discovering and classifying sensitive data.
We have enabled this for all our SQL Servers.
Azure Defender for Storage
Azure Defender for storage detects unusual and potentially harmful attempts to access or exploit storage accounts.
We have enabled this for all our storage accounts.
Module:
Security
Summary:
FTPS required in web apps
Ticket:
https://bigdigit.atlassian.net/browse/SWMS-3915
Detail:
FTPS (Secure FTP) is used to enhance the security of our web applications as it adds an extra layer of security and ensures compliance with the industry standards and regulations.
FTPS is now required for all our web applications.