Microsoft recently published a guideline outlining proven best practices for securing VMs on Azure. Here is a quick rundown of the list.
- Isolate management ports such as RDP and activating them only when required.
- Keeping the host OS patched ad up to date. Securing commonly targeted pots such as: SSH (22), FTP (21), Telnet (23), HTTP (80), HTTPS (443), SQL (1433), LDAP 389.
- Secure Score found within Azure Security Center is a numeric representation of your security footprint, the closer you are to 100, the better positioned you are.
- Use tools such as Azure defender to your advantage, alerting you when your VMs are under brute force attacks. Also, the event viewer will tell the tale for event 4625 that reports a failed login. Many of these events in rapid form is a clear sign of an attack.
- Maintain complex passwords, or even better, passwordless multi-factor authenticated accounts.
- Keep up to date with any third party tools or apps. These are typical target vectors as well. A typical case scenario is a Content Management System
- As always backup backup backup. Rely on Azure backups via the Azure Backup Service.
See the complete post at Microsoft’s Blog.
Thank you to Unsplash and Thomas Jensen for the image.