Azure Privacy, Compliance, and Trust

Governance

Azure Policy: use policies to make sure rules are followed and resources are compliant.
Policy: a set of rules to ensure compliant resources
Role-Based Access Control (RBAC) – ensures user compliance through assigning a role to a user. A role is a combination of security principal, role definition, and scope.
Define user access to specific resources. Minimum Access principle. Target specific use cases.
Security Principal, Role Definition, Scope. Use these to permission RBAC.
Locks – ensure specific resources are not changed. Assign to a subscription, resource group, or resource. It can be delete or read-only. Needs to be removed in order for actions are possible again.
Azure Blueprints – templates for creating standard Azure resources
Cloud Adoption Framework – collection of documents
Azure Advisor for Security Assistance – same as Azure Security Center.

Azure Monitor

Azure Service Health

Service maintenance or update maintenance
Planned and unplanned incidents to highlight service issues without affecting your resources

Compliance

General Data Protection Regulation (GPDR) – protect individuals with respect to processing of personal data
ISO Standard – quality and customer satisfaction (ISO 9001:2008) also includes food safety and environmental management
NIST – focuses purely on the tech industry. Developed primarily for US Federal Agencies. Compliance with NIST means compliance with multiple Federal US regulations
Azure Compliance Regulation Manager – recommendations for compliance with GDPR, ISO, NIST, and others. Tasks – team members to track progress. Compliance Score – chase a perfect score
Secure Storage – Upload documents to prove compliance and secure safely
Reports – get reports of compliance data to provide to managers and auditors
Azure Government Cloud – available to US government and approved contractors
Azure China Region – all within china, complies with applicable Chinese regulations

Privacy

Trust

Trust Center – learn about things to make sure you don’t lose trust in Azure
Service Trust Portal – location to review independent reports and audits performed on Microsoft’s products and services. Azure complies with more standards than any other cloud provider.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Leave a comment Cancel reply