Professional Documents
Culture Documents
Cloud Oprations
Cloud Oprations
EY PVT LTD
SWAPNALI GAIKWAD
INDEX
SR TABLE OF CONTENT PAGE
NO. NO.
1. Introduction…………………………………………………… 3
2. Challenges………………………………………………………………… 4
3. Solution… ……………………………………………………………… 5
4 Implementation………………………………………………………… 7
5 Conclusion…………………………............................................................ 12
6 Appendix………………………………………………………………….. 13
2
1. INTRODUCTION
EY Solutions: is leading Cloud Consultants deliver a comprehensive
cloud platform to achieve business growth and agility with amplified
consistency and proficiency. In 2004, EY Solutions was set up in India, to
provide services for modernizing data centre’s by implementing a hybrid
cloud that propels enterprises in their IT-as-a-Service journey, enabling
global enterprises to become more agile and innovative.
2. CHALLENGES
AWT Private Ltd. (Client) :They have wide variety of services such as
cloud storage, compute services, network services, databases and Web
applications, It is difficult to manage security for your IT environment. The
Security Center is needed to provides recommendations and sends threat
alerts for your workloads. quickly and accurately so the client shifted to
azure governance and compliance as a remedy to organization's security
status.
3
lack of protection of personal integrity and disruptions in socially important
activities. Deficiencies in information systems can also affect: Physical assets.
Data encryption helps prevent unauthorized users from reading data on a cluster
and associated data storage systems. This includes data saved to persistent
media, known as data at rest, and data that may be intercepted as it travels the
network, known as data in transit.
3. SOLUTION
EY Private Ltd.(cloud service provider):is responsible for managing the
azure compliance dashboard for AWT compliance is not just about following
rules; it's about safeguarding their operations, reputation, and customer trust.
Data protection and privacy: Effectivecloud compliance measures are
essential for protecting sensitive data from unauthorized access and
breaches.
4
3.2 Azure Governance Services
The three essential services for effective governance are Azure Policy, Defender
for Cloud, and Azure Cost Management. They enable organizations to manage
security, compliance, and cost in Azure environments .
1. Azure policy:Azure Policy helps to enforce organizational standards and
to assess compliance at-scale. Through its compliance dashboard, it
provides an aggregated view to evaluate the overall state of the
environment, with the ability to drill down to the per-resource, per-policy
granularity. It also helps to bring your resources to compliance through
bulk remediation for existing resources and automatic remediation for new
resources.
5
3. Azure cost management
Azure Cost Management lets you analyze past cloud usage and expenses,
and predict future expenses. You can view costs in a daily, monthly, or
annual trend, to identify trends and anomalies, and find opportunities for
optimization and savings.
In the Azure Security Center regulatory compliance blade, you can get an
overview of key portions of your compliance posture with respect to a set
of supported standards. Currently supported standards are Azure
CIS, PCI DSS 3.2, ISO 27001, and SOC TSP.
The data from the ASC compliance dashboard will soon be integrated
into Compliance Manager, delivering the benefit of automated
assessments from Azure directly into the Compliance Manager
experience instead of requiring manual processes.
6
4.IMPLEMENTATION
1.Assess regulatory compliance:
7
4. Azure Policy Regulatory Compliance controls for Azure Backup
Conditional alerts let you trigger notifications when the specific conditions are
met or exceeded. Notifications can be sent to specific recipients at a desired
frequency. The alert conditions use the dashboard filters that exist when the
alert is created.
9
A Manager dashboard and monitoring tool that summarizes data protection,
compliance score, and recommendations. It allows you to assign, track, and
record compliance and assessment-related activities. You can upload and
manage artifacts or evidence in a secure repository.
10
A cornerstone of this service is the service delivery manager (SDM), who
serves as a trusted advisor throughout the customer’s journey.
The SDM guides customers through the onboarding process, which involves
assessing the customer’s digital estate, tuning the Microsoft Defender suite,
and customizing policies to get the customer’s posture ready for operations.
After onboarding, operations commence and the SDM closely monitors the
customer’s security status, alerts, incidents, new threats, and shares relevant
insights and suggestions to further improve their security posture.
The SDM communicates with their customers regularly through emails, calls,
and meetings to review the service, security posture, and threat landscape.
When crises happen, the SDM is the first line of support, orchestrating actions,
and providing advice.
11
To make sure that you are in compliance, make sure that all systems are
equipped with an anti virus solution. This includes workstations, laptops, and
mobile devices that employees may use to access the system both locally and
remotely to make sure that the anti-virus program is effective, you also need
to ensure that the anti-virus or anti-malware programs are regularly updated.
make sure that your anti-virus mechanisms are always active,generating
auditable logs, and are using the latest signatures when it comes to having a
robust firewall policy, it’s always recommended to always close
administrative ports. Access to SSH, RDP, WinRM, and other administrative
ports should be restricted unless absolutely necessary. This is vital to
protecting your virtual machines.
5. CONCLUSION
The Cloud service provide EY LTD collaborated with Azure regulatory
compliance dashboard provides insight into AWT LTD (client) compliance
posture for a set of supported standards and regulations, based on continuous
assessments of your Azure environment.
The assessments performed by Azure Security Centeranalyze risk factors in
your hybrid cloud environment in accordance with security best practices.
12
In the regulatory compliance dashboard, you get a single view of the status
of all assessments within your environment, in the context of a particular
standard
Thus the Microsoft defender and security centre he realm of cybersecurity,
the terrain of threats is in a constant state of evolution, demanding
unwavering dedication from professionals to shield their organizations.
However, the complexity of staying updated, adopting a zero-trust approach,
and proactively identifying emerging threats often surpasses the capabilities
of even the most skilled security teams.
This is where managed extended detection and response (MXDR) services
come into play, with Microsoft Defender Experts for XDR taking the charge
to help our customers augment their SOC with human expertise and AI-
powered threat intelligence.
6.APPENDIX
13
14