IT Best Practices - Microsoft Press

Implement maximum control, security, and compliance processes in Azure cloud environments In Microsoft Azure Security Infrastructure, three leading experts show how to plan, deploy, and operate Microsoft Azure with outstanding levels of control, security, and compliance. You’ll learn how to prepare infrastructure with Microsoft’s integrated tools, prebuilt templates, and managed services–and use these to help safely build and manage any enterprise, mobile, web, or Internet of Things (IoT) system. The authors guide you through enforcing, managing, and verifying robust security at physical, network, host, application, and data layers. You’ll learn best practices for security-aware deployment, operational management, threat mitigation, and continuous improvement–so you can help protect all your data, make services resilient to attack, and stay in control no matter how your cloud systems evolve.

 

Three Microsoft Azure experts show you how to:

• Understand cloud security boundaries and responsibilities

• Plan for compliance, risk management, identity/access management, operational security, and endpoint and data protection

• Explore Azure’s defense-in-depth security architecture

• Use Azure network security patterns and best practices

• Help safeguard data via encryption, storage redundancy, rights management, database security, and storage security

• Help protect virtual machines with Microsoft Antimalware for Azure Cloud Services and Virtual Machines

• Use the Microsoft Azure Key Vault service to help secure cryptographic keys and other confidential information

• Monitor and help protect Azure and on-premises resources with Azure Security Center and Operations Management Suite

• Effectively model threats and plan protection for IoT systems

• Use Azure security tools for operations, incident response, and forensic investigation 

Manage all the mobile devices your workforce relies on
Learn how to use Microsoft’s breakthrough Enterprise Mobility Suite to help securely manage all your BYOD and company-owned mobile devices: Windows, iOS, and Android. Two of the leading mobile device management experts at Microsoft show you how to systematically help protect employee privacy and corporate assets without compromising productivity. You’ll find best practices, step-by-step guidance, and real-world scenarios for every stage of planning, design, deployment, and administration.

Empower your mobile users while improving security and controlling costs

• Master proven best practices for centrally managing smartphones and tablets
• Plan mobile strategies that encompass users, devices, apps, and data
• Overcome BYOD’s unique challenges, constraints, and compliance issues
• Provide common “hybrid” user identities and a seamless experience across all resources: on-premises, datacenter, and cloud
• Simplify and improve device enrollment, monitoring, and troubleshooting
• Help safeguard both corporate and personal information

Discover high-value Azure security insights, tips, and operational optimizations

This book presents comprehensive Azure Security Center techniques for safeguarding cloud and hybrid environments. Leading Microsoft security and cloud experts Yuri Diogenes and Dr. Thomas Shinder show how to apply Azure Security Center's full spectrum of features and capabilities to address protection, detection, and response in key operational scenarios. You'll learn how to secure any Azure workload, and optimize virtually all facets of modern security, from policies and identity to incident response and risk management. Whatever your role in Azure security, you'll learn how to save hours, days, or even weeks by solving problems in most efficient, reliable ways possible.



Two of Microsoft's leading cloud security experts show how to:

* Assess the impact of cloud and hybrid environments on security, compliance, operations, data protection, and risk management

* Master a new security paradigm for a world without traditional perimeters

* Gain visibility and control to secure compute, network, storage, and application workloads

* Incorporate Azure Security Center into your security operations center

* Integrate Azure Security Center with Azure AD Identity Protection Center and third-party solutions

* Adapt Azure Security Center's built-in policies and definitions for your organization

* Perform security assessments and implement Azure Security Center recommendations

* Use incident response features to detect, investigate, and address threats

* Create high-fidelity fusion alerts to focus attention on your most urgent security issues

* Implement application whitelisting and just-in-time VM access

* Monitor user behavior and access, and investigate compromised or misused credentials

* Customize and perform operating system security baseline assessments



* Leverage integrated threat intelligence to identify known bad actors

Microsoft Azure Sentinel



Plan, deploy, and operate Azure Sentinel, Microsoft’s advanced cloud-based SIEM




Microsoft’s cloud-based Azure Sentinel helps you fully leverage advanced AI to automate threat identification and response – without the complexity and scalability challenges of traditional Security Information and Event Management (SIEM) solutions. Now, three of Microsoft’s leading experts review all it can do, and guide you step by step through planning, deployment, and daily operations. Leveraging in-the-trenches experience supporting early customers, they cover everything from configuration to data ingestion, rule development to incident management… even proactive threat hunting to disrupt attacks before you’re exploited.




Three of Microsoft’s leading security operations experts show how to:

• Use Azure Sentinel to respond to today’s fast-evolving cybersecurity environment, and leverage the benefits of its cloud-native architecture

• Review threat intelligence essentials: attacker motivations, potential targets, and tactics, techniques, and procedures

• Explore Azure Sentinel components, architecture, design considerations, and initial configuration

• Ingest alert log data from services and endpoints you need to monitor

• Build and validate rules to analyze ingested data and create cases for investigation

• Prevent alert fatigue by projecting how many incidents each rule will generate

• Help Security Operation Centers (SOCs) seamlessly manage each incident’s lifecycle

• Move towards proactive threat hunting: identify sophisticated threat behaviors and disrupt cyber kill chains before you’re exploited

• Do more with data: use programmable Jupyter notebooks and their libraries for machine learning, visualization, and data analysis

• Use Playbooks to perform Security Orchestration, Automation and Response (SOAR)

• Save resources by automating responses to low-level events

• Create visualizations to spot trends, identify or clarify relationships, and speed decisions

• Integrate with partners and other third-parties, including Fortinet, AWS, and Palo Alto  

Enable employees to be productive and access data from any location or device
Protect both corporate assets and employee privacy, so your people can be fully productive from any device, anywhere. Learn how to use Microsoft Intune to manage applications to satisfy your unique requirements, make the most of Mobile Device Management (MDM) for Office 365, and defend on-premises resources with Microsoft Advanced Threat Analytics (ATA).

Plan, deploy, and deliver complete enterprise mobility while improving security


Choose the right Microsoft enterprise mobility solution for your organization
Protect apps and data with Microsoft Intune Mobile Application Management (MAM)
Identify suspicious user or device activity in hybrid cloud/on-premises environments
Prepare for and successfully implement Microsoft ATA
Flexibly manage diverse mobile devices with MDM for Office 365
Configure access, define policies, enroll mobile devices, and manage compliance