Let's Talk Azure!

Discover the vital role of data classification in organizations and how it can streamline information handling. Learn how Purview integrates sensitivity labels into popular Office apps, adding essential context to files. Explore advanced features like dynamic watermarks, encryption options, and rights management to protect sensitive information. Alan shares tips on user adoption, starting with simple taxonomies and phased rollouts. Get insights on licensing and maximizing these tools for effective data protection across platforms.

In this episode, we dive into three key Cloud Workload Protection Platform (CWPP) offerings within Microsoft Defender for Cloud: Defender for Resource Manager, Defender for Key Vault, and Defender for APIs. Our Q&A format explores how these tools safeguard Azure environments against sophisticated threats, from management layer exploits to API vulnerabilities. Key Takeaways: Defender for Resource Manager monitors and protects against suspicious operations in Azure's management layer. Defender for Key Vault adds native threat protection to detect anomalous access to secrets and credentials. Defender for APIs provides full lifecycle security for APIs in Azure API Management, including inventory, posture recommendations, and runtime threat detection. These plans integrate seamlessly into Defender for Cloud's broader CNAPP framework for multi-cloud and hybrid protection. What did you think of this episode? Give us some feedback via our contact form, Or leave us a voice message in the bottom right corner of our site.Read transcript

This week, Alan and Sam talk about new features and services that have gone into Public Preview or General Available status in the last month. We dive into a couple of these updates that peaked our interest. Some of the Microsoft product features and update we covered: Key Microsoft Entra, Intune and Defender features and updates Lots of Azure changes and new features What did you think of this episode? Give us some feedback via our contact form, Or leave us a voice message in the bottom right corner of our site.Read transcript

Dive into Data Loss Prevention (DLP) and discover its crucial role in safeguarding sensitive information. Alan and Sam unravel the impressive capabilities of Microsoft Purview DLP, including its ability to monitor data across diverse environments. From practical tips on getting started with DLP to insights on licensing options, they cover it all. Learn about endpoint controls and how to detect rogue data flows while ensuring your organization stays secure against accidental or malicious data exfiltration.

This week, Alan and Sam talk about new features and services that have gone into Public Preview or General Available status in the last month. We dive into a couple of these updates that peaked our interest. Some of the Microsoft product features and update we covered: Key Microsoft Entra, Intune and Defender features and updates Lots of Azure changes and new features What did you think of this episode? Give us some feedback via our contact form, Or leave us a voice message in the bottom right corner of our site.Read transcript

In this episode, we dive into Microsoft Defender for Storage, a key component of Microsoft Defender for Cloud. We break down its features for threat detection and malware scanning, discuss real-world benefits, and touch on pricing considerations. We cover: Introduction to Defender for Storage: Overview of its role in Microsoft Defender for Cloud and its importance for securing Azure storage workloads. The Threat Landscape: Discussion of current threats to cloud storage, including malware uploads, unauthorized access, and data breaches. Core Features of Defender for Storage: Activity Monitoring: Analyzing access patterns to detect suspicious activities without performance impact. Malware Scanning: Real-time file scanning using Microsoft Defender Antivirus. Sensitive Data Threat Detection: Using Microsoft Purview to identify and protect sensitive information. What did you think of this episode? Give us some feedback via our contact form, Or leave us a voice message in the bottom right corner of our site.Read transcript

Alan and Sam discuss the integration of Microsoft Sentinel into the Defender XDR portal. Alan goes through the benefits of the integration and thing to watch out for when starting the migration. Here are a few things we covered: What is Microsoft’s Unified SecOps Platform? What are the announcements around Microsoft Sentinel’s interface moving? What are the benefits of the integration of Microsoft Sentinel? What did you think of this episode? Give us some feedback via our contact form, or leave us a voice message in the bottom right corner of our site.Read transcript

This week, Alan and Sam talk about new features and services that have gone into Public Preview or General Available status in the last month. We dive into a couple of these updates that peaked our interest. Some of the Microsoft product features and update we covered: Key Microsoft Entra, Intune and Defender features and updates Lots of Azure changes and new features What did you think of this episode? Give us some feedback via our contact form, or leave us a voice message in the bottom right corner of our site.Read transcript

In this episode, we explore Azure Bastion, Microsoft’s fully managed Platform-as-a-Service (PaaS) solution designed to provide secure Remote Desktop Protocol (RDP) and Secure Shell Protocol (SSH) access to Azure virtual machines (VMs). This Q&A-style episode dives deep into how Azure Bastion strengthens cloud security by eliminating the need for public IP addresses on VMs, reducing exposure to external threats like port scanning or protocol exploits. Alan poses critical questions about Azure Bastion’s functionality, architecture, deployment options, and integration with Azure’s security ecosystem, while our consultant delivers actionable insights tailored for IT administrators, security professionals, and cloud architects. We cover: Core Functionality: How Azure Bastion enables secure, clientless RDP/SSH access via the Azure portal or native clients, protecting VMs by removing public IP dependencies. Architecture Breakdown: The role of the dedicated AzureBastionSubnet, private IP connectivity, and TLS-based sessions, including support for zonal deployments for high availability. SKU Options: A detailed look at Developer, Basic, Standard, and Premium SKUs, highlighting features like session recording, Private Link integration, and host scaling for different organizational needs. Security Integrations: How Azure Bastion works with Microsoft Defender for Cloud, Microsoft Entra ID (with MFA and conditional access), Azure Private Link, and Azure Monitor to enforce Zero Trust principles and ensure compliance. Real-World Use Cases: Practical scenarios, such as secure admin access for global teams, compliance for regulated industries (e.g., healthcare, finance), and streamlined dev/test environments, with examples like Metinvest’s global VM management. Best Practices: Tips for deployment (e.g., subnet sizing, VNet peering), security (e.g., MFA, NSG configuration), monitoring (e.g., Azure Monitor logs), and cost management (e.g., SKU selection, scaling strategies). Limitations and Considerations: Key factors like SKU constraints, regional availability for zonal deployments, performance considerations, and cost implications, with guidance on mitigating challenges. What did you think of this episode? Give us some feedback via our contact form, Or leave us a voice message in the bottom right corner of our site.Read transcript

Alan and Sam explore exciting new features from Microsoft, including updates in Microsoft Entra, Intune, and Defender. They discuss the recent Azure changes, highlighting a notable retirement of a feature. The conversation dives into security enhancements, especially the integration of Sentinel into Defender XDR, and AI improvements across platforms. Listeners will also learn about new functionalities in Microsoft 365, such as AI-driven retention policies. The episode wraps up with insights on navigating Azure Local and its relationship with Microsoft 365.