Azure Best Practices

The Azure Best Practices Assessment is aimed at companies that want to make their cloud environment more secure and efficient. In particular, organizations that:

• want to strengthen cloud security and resilience,
• strive for compliance with new regulations such as the EU Cyber Resilience Act or the NIS2 Directive,
• want to minimize their cloud risks and gain better control over their IT environment,
• want to improve existing processes and structures and reduce their attack surface.

Especially in light of the fact that, according to Gartner, more than 99% of cloud breaches are due to avoidable misconfigurations or user errors, this assessment provides companies with a valuable overview and tangible recommendations for reducing these risks.

‍

Cyber threats are constantly increasing and legal requirements in the area of IT security are becoming ever stricter.

Some important drivers are:

• Cyber threats and increasing regulations: The EU, the USA and other countries are increasing the pressure for companies to take greater responsibility when it comes to cyber security and resilience.
• Growing requirements due to regulations: These include the EU Cyber Resilience Act, the NIS2/DORA directives, KRITIS and others.
• Quick determination of the threat level: The assessment determines the specific threat level for the respective cloud environment.
• Best practices from different areas:
  • Azure-specific recommendations: Azure Advisor, the Well-Architected Framework and SAP on Azure
  • Official guidelines: e.g. CISA, the US Cybersecurity & Infrastructure Security Agency
  • Community guidelines: such as the CIS benchmarks (Center for Internet Security)

‍

The entire process is free of charge for you and offers a valuable opportunity to check the cloud configuration for optimization potential:

1. Step 1: Discovery Call - An initial discussion to determine the individual requirements and objectives. (Duration: approx. 1 hour)
2. Step 2: Scan & data collection - collection of the relevant data for the existing cloud configuration.
3. Step 3: Assessment and evaluation - Systematic analysis to identify safety and efficiency potential.
4. Step 4: Review of the assessment - discussion of the results, identification of the most important areas for action and prioritization of the next steps.

Why should you choose the assessment?

‍

An assessment according to best practices offers the following advantages:

• Reducing the attack surface: By systematically checking and improving cloud configurations, the attack surface for potential threats is significantly reduced.
• Increased resilience and security: A better security profile increases the cloud environment's resistance to cyber attacks.
• Detection of hidden cloud risks: The assessment uncovers unused risks that often go unnoticed but could become major vulnerabilities.
• Efficient use of cloud resources: By optimizing the Azure infrastructure, resources are used more efficiently, resulting in cost savings and better cloud value.
• Holistic approach: Security incidents can rarely be traced back to a single cause - the assessment helps to identify and eliminate complex error chains.

‍

Which topics are addressed?

The assessment covers the most important best practices for the Azure cloud environment and provides you with targeted support in optimizing both efficiency and security:

• Entra ID Security Configuration: Optimization of security settings for identities and access control.
• Azure Well-Architected Framework: A guide to architecting and optimizing your Azure applications.
• Azure Advisor: Recommendations based on proven security and performance policies that improve the efficiency of your Azure resources.
• ConditionalAccess Policies: Access control based on conditions such as location and device status.
• CISM365 v3.1.0: Security standards and guidelines for Microsoft 365.
• CISASecurity Baselines: CISA security guidelines for compliance and protection.
• SpecializedWorkloads, e.g. SAP: Optimized security guidelines for specialized applications such as SAP.
• MAKONIS recommendations: Individual recommendations developed by us to improve Azure usage and security.

‍

MAKONIS also offers customized recommendations that are specifically tailored to your individual requirements and goals. These proprietary recommendations have been developed by our in-house experts and provide practical solutions that address the specific challenges and optimization opportunities in your Azure environment.

This means you benefit from all the knowledge of our consultants.

‍