Category: Key vault

Exploring Microsoft Azure’s Security Technical Capabilities

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 02/04/2025
Posted in Azure, Azure Firewall, Azure Policy, Conditional access, Defender, Entra ID, Identity, Key vault, Microsoft Purview, Microsoft Sentinel, Security

Why security is important? In today’s digital landscape, securing cloud environments is more critical than ever. Microsoft Azure provides a comprehensive set of security capabilities designed to help organizations protect their workloads, data, and identities. From identity management to threat…

Continue Reading Exploring Microsoft Azure’s Security Technical Capabilities

Encrypting Data-At-Rest with Customer Managed Keys in M365

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 17/03/2024
Posted in Azure, Compliance, Entra ID, Identity, Key vault, Microsoft Purview, Security

As I mentioned in my previous posts. I like to keep my view as holistic as possible. Mixing a little bit of Azure infrastructure and Security side with a little hint of M365 Compliance and Entra Identity ingredients. So that…

Continue Reading Encrypting Data-At-Rest with Customer Managed Keys in M365

Azure Chaos Studio (Preview)

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 01/02/2023 0 Comments on Azure Chaos Studio (Preview)
Posted in Azure, Azure Automation, IAM, Identity, Key vault

Have you seen Azure Chaos Studio? If not, soon you have. What is Chaos Studio? Chaos Studio is a managed service that employs chaos engineering to assist you in measuring, understanding, and improving the resilience of your cloud applications and…

Continue Reading Azure Chaos Studio (Preview)

Tips and tricks on Securing your Data factory

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 20/12/2022 0 Comments on Tips and tricks on Securing your Data factory
Posted in Azure, Azure AD, Data factory, IAM, Identity, Key vault, Managed HSM, Microsoft Purview, On-premises, Security

Why? Like we all know Identity is a hot topic after the MFA fatigue methods or discovering and attacking our resources as external or internal entities but the often overlooked aspect of security is inside the data layer. You could…

Continue Reading Tips and tricks on Securing your Data factory

Do’s and don’ts concerning security for Identity part 8

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 27/11/2022 0 Comments on Do’s and don’ts concerning security for Identity part 8
Posted in Active Directory, ADFS, Authentication methods, Azure, Azure AD, Azure ARC, Certificates, Hybrid, IAM, Identity, Identity Platform, Key vault, Security, Storage

Continuing from last post with the same topic but now from the negative side of things. What could go wrong if you don’t do it right. This post will assume that you are still having on-premises AD with ADCS and…

Continue Reading Do’s and don’ts concerning security for Identity part 8

What is Azure Key Vault Managed HSM, how to install and eventually remove (if needed)

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 11/11/2022 0 Comments on What is Azure Key Vault Managed HSM, how to install and eventually remove (if needed)
Posted in Azure, Identity, Key vault, Managed HSM, Security

Managed HSM Key auto-rotation is generally available First the happy news! Key auto-rotation is also generally available for Managed HSM! Earlier this year it came to Key Vault already! Read more here about the Key vault auto-rotation feature and how…

Continue Reading What is Azure Key Vault Managed HSM, how to install and eventually remove (if needed)

How to use Azure Key Vault with managed identities and generating keys with auto-rotation

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 18/09/2022 0 Comments on How to use Azure Key Vault with managed identities and generating keys with auto-rotation
Posted in Azure, Azure AD, Key vault, Powershell, Security, Storage

Data-planes First you have to understand the different URLs that you can use for different types of resources Resource type Key protection methods Data-plane endpoint base URL Vaults Software-protected and HSM-protected (with Premium SKU) https://{vault-name}.vault.azure.net Managed HSMs HSM-protected https://{hsm-name}.managedhsm.azure.net When…

Continue Reading How to use Azure Key Vault with managed identities and generating keys with auto-rotation

Section 7 – Design a strategy for data and applications – Specify security requirements for applications and design a strategy for securing data

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 07/09/2022 0 Comments on Section 7 – Design a strategy for data and applications – Specify security requirements for applications and design a strategy for securing data
Posted in Azure, Azure AD, Azure Policy, DevOps, Exchange, Identity, Identity Platform, Key vault, Microsoft 365, Microsoft Purview, Microsoft Sentinel, Security, Storage, Zero trust

And there you have it, this is the last section in my study guide. This time made longer posts, hopefully they weren’t too long to read. Stay tuned for more! Specify priorities for mitigating threats to applications. Specify a security…

Continue Reading Section 7 – Design a strategy for data and applications – Specify security requirements for applications and design a strategy for securing data

Section 6 – Design security for infrastructure – Design a strategy for securing SaaS, PaaS, and IaaS services

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 31/08/2022 0 Comments on Section 6 – Design security for infrastructure – Design a strategy for securing SaaS, PaaS, and IaaS services
Posted in Azure, Defender, Key vault, Security, SQL, Zero trust

Time for the next section to my SC-100 study guide: Specify security baselines for SaaS, PaaS, and IaaS services Specify security requirements for IoT workloads Specify security requirements for data workloads, including SQL, Azure SQL Database, Azure Synapse and Azure…

Continue Reading Section 6 – Design security for infrastructure – Design a strategy for securing SaaS, PaaS, and IaaS services

Section 5 – Design security for infrastructure – Design a strategy for securing server and client endpoints

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 24/08/2022 0 Comments on Section 5 – Design security for infrastructure – Design a strategy for securing server and client endpoints
Posted in AAD Connect, Active Directory, ADFS, Azure, Azure AD, Azure Policy, Certificates, Key vault, Security, Zero trust

Wednesday is here and time for the next post to my SC-100 exam cram. NOTE: includes hybrid and multi-cloud Specify security baselines for server and client endpoints Specify security requirements for servers, including multiple platforms and operating systems Specify security…

Continue Reading Section 5 – Design security for infrastructure – Design a strategy for securing server and client endpoints