Computing Reviews
Today's Issue Hot Topics Search Browse Recommended My Account Log In
Review Help
Search
Pro Azure governance and security : a comprehensive guide to Azure Policy, Blueprints, Security Center, and Sentinel
Tender P., Rendon D., Erskine S., Apress, New York, NY, 2019. 340 pp. Type: Book (978-1-484249-09-3)
Date Reviewed: May 26 2020

The pervasiveness of cloud technologies and the increasing popularity of Microsoft Azure make this book quite interesting for practicing software enthusiasts.

Chapter 1 lays out the necessary governance needed in organizations to migrate to a cloud-based operational model. It rightly relates and aligns this technology and its governance (cloud provider governance) to an organization’s real focus--that of delivering value to its businesses and customers (customer governance). It provides an overview of all the related terminologies and lays the foundation for the rest of the chapters in the book.

Chapters 2 through 4 lay the foundations for governance in Azure. In Chapter 2, the authors emphasize how to correctly use the foundations that Azure provides (tenant, subscriptions, resource groups, role-based access control, policy mappings, and so on) to build up the necessary scaffolds within the organization based on its needs--both technical and nontechnical--as well as its business areas. Azure naming convention standards and automation for reaching necessary scales are addressed in Chapter 3, thereby laying the building blocks--resource groups, management groups, policies, initiatives and blueprints--that enable users to identify, organize, document, and track their assets uniquely across the hierarchy. With the ability to deploy and track assets across an organization, the auditing and enforcing of adopted rules and standards then becomes essential to scale the solution widely. This issue of policy implementation and governance is addressed in detail in Chapter 4. It covers planning and utilizing Azure policy, and delves into details of policy implantation and management from a practical standpoint.

Chapters 5 and 6 focus on security and operations. In Chapter 5, the authors introduce Azure Security Center to optimize and protect an organization’s assets. In an era where data and information are central to an organization’s survival, along with the widespread skepticism of public clouds, the authors present features that support protection, defense, policy and compliance, and orchestration. It also covers PowerShell, security hygiene, data collection from Azure and non-Azure virtual machines, security assessment baselines, security policies, threat protection, and playbooks. Chapter 6 deals with the topic of managing security for an organization’s information technology (IT) team, focusing on operational and monitoring aspects using Azure Monitor and other Azure monitoring tools and services, including Log Analytics, diagnostics, and Application Insights.

Having addressed governance and security in detail in the first six chapters, Chapter 7 addresses the issue of scale. Here, the authors address policy and initiative management using Automation (including templates, load balancing, networking, configuration, management such as backups and shutdowns, and so on) and Azure Blueprints for effective life cycle management (creating artifacts, assigning, tracking and unassigning blueprints). Chapter 8 previews Azure Sentinel for security alerts.

It is clear that the book tries to address the widespread skepticism around public cloud security. It does a good job of not just surfacing these issues vis-à-vis the cloud, but also framing the potential solutions for these within the Azure framework. In general, the book is a good read for practicing Azure cloud enthusiasts and organizations planning deployments on Microsoft Azure.

More reviews about this item: Amazon

Reviewer:  Srini Ramaswamy Review #: CR146978 (2009-0208)
Bookmark and Share
  Featured Reviewer  
 
Security and Protection (C.2.0 ... )
 
 
Access Controls (D.4.6 ... )
 
 
Cloud Computing (C.2.4 ... )
 
 
Distributed Systems (C.2.4 )
 
Would you recommend this review?
yes
no
Other reviews under "Security and Protection": Date
Introduction to data security and controls (2nd ed.)
Edward R. I., QED Information Sciences, Inc., Wellesley, MA, 1991. Type: Book (9780894353864)
Aug 1 1992
Security for computer networks: an introduction to data security in teleprocessing and electronic funds transfer
Davies D., Price W., John Wiley & Sons, Inc., New York, NY, 1984. Type: Book (9780471900634)
Oct 1 1985
The development and proof of a formal specification for a multilevel secure system
Glasgow J., Macewen G. ACM Transactions on Computer Systems 5(2): 151-184, 1987. Type: Article
Oct 1 1987
more...

E-Mail This Printer-Friendly
Send Your Comments
Contact Us
Reproduction in whole or in part without permission is prohibited.   Copyright 1999-2024 ThinkLoud®
Terms of Use
| Privacy Policy