In just a few years, cybersecurity has gone from being a fringe topic that is just discussed by specialists to becoming a top-of-mind concern for entire organizations and a regular breaking news topic in the media.
With a growing understanding of the importance of cybersecurity, it is natural that more and more business are asking how this will affect their processes and workflows. Terms like “Zero Trust” and “Least Privileged Access” have become more well-known. In this article, we will give you an overview of what the ever-growing importance of security means in an Azure Integration Services context.
Security evolution
Historically, the objective of IT security capabilities were to defend the network. Today we have seen a shift in the security perimeter from the network to identity.
“Security is less about defending your network and more about defending your data, as well as apps and users.” (Source: Microsoft).
As the number of security threats increases, it is now becoming necessary to prioritize and move security closer to data, apps and users that are important or critical to your company, rather than spreading all your security resources thin by trying to protect the entire network.
Zero Trust
A myriad of devices, such as computers, tablets and sensors, have access to your company's systems. A Zero Trust approach assumes that all of these access points pose a risk, and that external security may be compromised. This means that each and every access to your systems must be verified and authenticated.
“Zero Trust is a security model that assumes breach and verifies each request as though it originated from an uncontrolled network. With Zero Trust, we move away from a trust-by-default perspective to a trust-by-exception one.” (Source: Microsoft)
When considering these topics in an Azure Integration Services context, it is natural to pay closer attention to the offerings related to identity management. From an integration perspective, the Microsoft Identity Platform is used in several ways.
It treats identity as the primary security perimeter, centralizing identity management, and it employs role-based access control (Azure RBAC) adhering to the principles of least privilege. We also encourage the use of managed identities whenever possible.
Additionally, we recommend following the Microsoft Azure Well-architected Framework and adhering to Azure Security baselines. This comprehensive approach ensures a robust and secure identity management system within the Azure environment.
Network Segmentation
The next step with this approach to security is Network Segmentation. This works by isolating different parts of the network to limit that damage that a security breach can cause, as one breach only gives access to a limited part of the network rather than to all of it.
Together, Network Segmentation and Zero Trust-approaches within the individual segment create a strong defense against security threats.
“By segmenting your network and applying Zero Trust principles to each segment, you can create a multi-layered defense that is tough for cybercriminals to penetrate”. (Source: Brian Haugli)
Depending on the industry you are in, there will be different compliance requirements that you will need to consider when granting rights and access within your projects. While always living up to regulatory requirements, you will need to strike a balance between features that can increase security, while still sticking to what is considered best practice without adding unnecessary complexity.
Securing your Azure Integration Services set up
As the security landscape has changed, and as we rely more and more on digital services across our society, it is clear that cybersecurity should be considered an investment rather than an expense.
The security of infrastructure depends on the proper configuration and deployment of your resources. This is true for both cloud and on-premise resources. And while cybersecurity might seem a huge and complex topic, Microsoft has quite a lot of offerings and recommendations that can help you ensure a proper level of protection. Microsoft Defender for Cloud recommendations identify the steps that you can take to secure your Azure environment, such as creating centralized policy management and summarizing your security posture based on the security recommendations. (Source: Microsoft)
Cybersecurity must, however, be top-of-mind when building in the Microsoft Cloud, but few companies will have sufficient internal resources to keep track of the threats they face. With this in mind, you should seek a partner with the experience and insight to help you build secure integrations or to make a security assessment of your existing integrations.
In a world of increasing online threats, cybersecurity is a must-do investment.
By Morten Reeslev, Partner Technical Architect and Torben Mosgaard Philippsen, Integration Architect, Cepheo.
Contact our Sales Directors for a discussion about your company's digitization.
-
John T. Hummelgaard
Sales Director, Denmark
-
Patrick Bubicic
Sales Director, Sweden
-
Lars Erik Lindhjem
Sales Director, Norway