Securing Azure CosmosDb using Microsoft Defender
- 1. Securing Azure Cosmos DB using Microsoft Defender Ankit Rao ๏ถ Senior Software Engineer at Zscaler ๏ถ Cloud and Cloud Security Enthusiast ๏ถ AWS Community Builder ๏ถ Pune (MH), India : @_AnkitRao : @ankit-rao
- 2. Motivation Source: https://marketwatch.com ๏ถ The Global Cloud Security Market is expected to grow from USD 5 Billion in 2016 to USD ~13 billion by 2022, at an estimated CAGR of 17%. ๏ถ The lack of awareness about cloud security among organizations and the fear of losing their data confidentiality are among some factors restraining market growth. ๏ถ Further, the biggest identified cloud threats occur mostly due to the misconfiguration of cloud platforms.
- 3. ๏ถAzure Cosmos DB โ An overview ๏ถCloud Security โ A shared responsibility model ๏ถMicrosoft Defender for Cosmos DB ๏ถAzure Cosmos DB โ Security best practices ๏ถDemo ๏ถReferences Agenda
- 5. Cloud Security โ A shared responsibility model ๏ถ Cloud security refers to the technologies, policies, controls, and services that protect cloud data, applications, and infrastructure from threats. ๏ถ Cloud Security is a shared responsibility model. The diagram besides, shows how your responsibility decreases with a PaaS provider like Azure Cosmos DB.
- 6. Microsoft Defender for Cosmos DB ๏ถ Microsoft Defender for Cosmos DB provides an extra layer of security intelligence that detects unusual and potentially harmful attempts to access or exploit Azure Cosmos DB accounts. ๏ถ This layer of protection allows you to address threats, even without being a security expert, and integrate them with central security monitoring systems. ๏ถ Security alerts are triggered when anomalies in activity occur. ๏ถ Access from unusual locations ๏ถ Unusual data extraction ๏ถ Further, Defender will provide a centralized view with respect to the security posture of the Cosmos DB, which helps users implement security best practices.
- 7. Azure Cosmos DB โ Security best practices Network security and firewall settings ๏ถUsing an IP firewall is the first layer of protection to secure your database. ๏ถAzure Cosmos DB supports policy driven IP- based access controls for inbound firewall support. ๏ถEnsure that Cosmos DB is accessible over selected networks only.
- 8. Azure Cosmos DB โ Security best practices Replicate data globally ๏ถ Global replication lets you scale globally, provide low-latency access to your data around the world. ๏ถ In the context of security, global replication ensures data protection against regional failures.
- 9. Azure Cosmos DB โ Security best practices Backup and Restore ๏ถAzure Cosmos databases are backed up regularly and stored in a geo redundant store. ๏ถAzure Cosmos DB's point-in-time restore feature helps in multiple scenarios such as the following: ๏ถ To recover from an accidental write or delete operation within a container. ๏ถ To restore a deleted account, database, or a container. ๏ถ To restore into any region (where backups existed) at the restore point in time.
- 10. Azure Cosmos DB โ Security best practices Key rotation ๏ถ Rotating keys periodically significantly reduces the chances that a compromised set of access keys can be used without your knowledge to access the database.
- 11. Azure Cosmos DB โ Security best practices Resource lock ๏ถResource lock prevents users in your organization from accidentally deleting or modifying critical resources. ๏ถThe lock overrides any permissions the user might have.
- 12. Microsoft Defender for Cosmos DB - Demo
- 13. ๏ถSecurity in Azure Cosmos DB ๏ถMicrosoft Defender for Cosmos DB (Preview) References
- 14. Questions ?? : @_AnkitRao : @ankit-rao
- 15. Thank you! Enjoy the upcoming sessions!