Microsoft Releases Azure Security Benchmark
Microsoft this week announced the availability of Azure Security Benchmark v1 (ASB), a collection of more than 90 security best practices recommendations for Azure customers.
ASB, Microsoft says, was designed to improve the consistency of security documentation for Azure services by creating a framework containing all recommendations for Azure services, in the same format.
ASB is meant to help organizations increase the overall security and compliance of their workloads in Azure, and includes 11 security controls inspired by, and mapped to, the Center for Internet Security (CIS) 7.1 control framework.
Not only are the ASB controls built on industry standards and best practices, but Microsoft also aims to add mappings to other frameworks, such as the NIST Cybersecurity Framework.
According to Microsoft, ASB preserves the value of industry standard control frameworks that are focused on on-premises and brings them to the cloud.
“This enables you to apply standard security control frameworks to your Azure deployments and extend security governance practices to the cloud,” the company says.
The controls included in ASB target network security, logging and monitoring, identity and access control, data protection, vulnerability management, inventory and asset management, secure configurations, malware defense, data recovery, incident response, and penetration tests and red team exercises.
The documentation associated with each control provides mappings to industry standard benchmarks, details and rationale for the recommendations, and links to configuration information.
The full set of controls, as well as the included recommendations, are available on Microsoft’s Azure Security Benchmark website.
The tech company also integrated ASB with Azure Security Center, to enable customers to track, report, and assess their compliance against the benchmark, directly from the Security Center compliance dashboard. ASB also has an impact on the Secure Score in Azure Security Center for subscriptions.
“ASB is the foundation for future Azure service security baselines, which will provide a view of benchmark recommendations that are contextualized for each Azure service. This will make it easier for you to implement the ASB for the Azure services that you’re actually using,” Microsoft says.