DGN1 Task 1 Cloud Security Implementation Plan and Presentation
School: Western Governors University
Course: D485
Subject: Information Systems
Date: Jan 9, 2024
Uploaded by HighnessSparrow4047
Cloud Security - D485
Strategy

To evaluate the existing security landscape in the Azure portal in accordance with SWBTL LLC’s business needs, execute the following steps:

1. Accessing Azure Portal:
   o Login: Enter the Azure Portal with your credentials.
2. Analyzing Azure Resource Groups:
   o Navigation: Proceed to "Resource groups" to inspect how resources are organized. Confirm that marketing, accounting, and IT are in distinct groups, as specified in requirement 4.
   o Confirmation: Ensure each group has only its relevant departmental resources.
3. Assessing Azure Key Vaults:
   o Locating: Search for "Key Vaults" in the portal to examine all Azure Key Vaults.
   o Configuration Review: Make sure each department possesses a dedicated Key Vault (as per requirement 5).
   o Policy Examination: Check each Key Vault’s access policies to ensure adherence to requirement 6, which restricts Key Vault Contributor access to department members only.
4. Verifying Backup and Recovery Processes:
   o Backup Services Examination: Visit "Recovery Services vaults" to scrutinize backup setups.
   o Policy Evaluation: Confirm the existence of a backup policy named SWBTL that meets requirements 8, 9, and 10.
   o Schedule Checks: Validate that backups are programmed for 7 PM ET and meet RPO and RTO specifications.
   o Snapshot and Retention Verification: Ascertain that instant recovery snapshots are kept for 3 days and daily backup points for 45 days.
5. Ensuring Regulatory Compliance:
   o Compliance Center Usage: Employ Azure’s Compliance Center to assess adherence to FISMA and PCI DSS (requirement 1).
   o Control Checks: Ensure all relevant security controls for these regulations are effectively operational.
6. Examining Role-Based Access Controls (RBAC):
   o RBAC Management: In the Azure portal, navigate to "Access control (IAM)" for each resource group.
   o Role Scrutiny: Confirm that roles and permissions adhere to the principle of least privilege, in line with business requirements.
7. Evaluating Data Encryption:
   o Data Encryption Check: Review if encryption for data-at-rest and data-in-transit meets requirement 3.
   o Encryption Configuration Review: Inspect storage accounts and databases for encryption settings.
8. Reviewing Security and Network Setups:
   o Security Center Consultation: Access Azure Security Center for a security posture overview.
   o Network Security Group Assessment: Examine Network Security Groups (NSGs) for proper rules and configurations.
9. Documentation of Observations:
   o Image Capturing: Record clear screenshots of settings, highlighting any alterations or issues found.
   o Notes Compilation: Compile detailed notes on discrepancies, potential risks, or non-compliance observed.
10. Remediation Strategy Development:
   o Based on the assessment, formulate a plan for necessary modifications or enhancements to align with SWBTL LLC's business requirements.
Note: This assessment demands a comprehensive review of the Azure environment against SWBTL LLC’s specific business needs. Meticulously document all findings as they are crucial for your executive summary and future actions.
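The backup checks in step 4 can also be run against an exported policy instead of read off the portal. The script below is an added example, not part of the original document: it audits one policy for the name SWBTL, the 7 PM ET schedule, 3-day instant recovery snapshots and 45-day daily retention. It assumes the JSON has the shape returned by `az backup policy show` for an Azure VM policy, that ET is stored as the time zone id "Eastern Standard Time", and that run times are wall-clock times in that zone; the sample export is constructed.

```python
import json
from datetime import datetime

# Expected values come from the checklist (policy SWBTL, 7 PM ET, 3-day snapshots, 45-day daily points).
EXPECTED_NAME, EXPECTED_TIME, SNAPSHOT_DAYS, DAILY_DAYS = "SWBTL", "19:00", 3, 45
EASTERN_TZ = "Eastern Standard Time"  # assumption: ET stored as this Windows time zone id

def audit_backup_policy(policy):
    """Return findings for one exported policy; an empty list means it matches."""
    findings = []
    props = policy.get("properties", {})
    if policy.get("name") != EXPECTED_NAME:
        findings.append(f"name is {policy.get('name')!r}, expected {EXPECTED_NAME!r}")
    sched = props.get("schedulePolicy", {})
    if sched.get("scheduleRunFrequency") != "Daily":
        findings.append("schedule is not daily")
    # Assumption: run times are wall-clock times in the policy's timeZone.
    times = {datetime.fromisoformat(t.replace("Z", "+00:00")).strftime("%H:%M")
             for t in sched.get("scheduleRunTimes", [])}
    if times != {EXPECTED_TIME} or props.get("timeZone") != EASTERN_TZ:
        findings.append(f"runs at {sorted(times)} {props.get('timeZone')!r}, expected 19:00 ET")
    snap = props.get("instantRpRetentionRangeInDays")
    if snap != SNAPSHOT_DAYS:
        findings.append(f"instant recovery snapshots kept {snap} days, expected {SNAPSHOT_DAYS}")
    daily = (props.get("retentionPolicy", {}).get("dailySchedule", {})
             .get("retentionDuration", {}))
    if daily.get("durationType") != "Days" or daily.get("count") != DAILY_DAYS:
        findings.append(f"daily points kept {daily.get('count')} {daily.get('durationType')}, "
                        f"expected {DAILY_DAYS} Days")
    return findings

# Constructed sample: right name and schedule, but default-looking retention values.
SAMPLE_EXPORT = json.loads("""
{"name": "SWBTL", "properties": {
  "timeZone": "Eastern Standard Time",
  "instantRpRetentionRangeInDays": 2,
  "schedulePolicy": {"scheduleRunFrequency": "Daily",
                     "scheduleRunTimes": ["2024-01-09T19:00:00Z"]},
  "retentionPolicy": {"dailySchedule": {
      "retentionDuration": {"count": 30, "durationType": "Days"}}}}}
""")

if __name__ == "__main__":
    for finding in audit_backup_policy(SAMPLE_EXPORT) or ["policy matches the checklist"]:
        print(finding)
```

Each finding string can go straight into the notes compiled in step 9.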