There are many aspects of security that a CIO must be across, including assurance that day-to-day operations remain functional and secure. There is always a risk that maintenance, updates or network outages will halt or negatively impact operations. This should be avoided or minimised wherever possible.
Keeping Your Operations Secure
We are moving to an Azure Active Directory-centric approach with administrative auditing that encompasses all our cloud systems. In combination with Azure Privileged Identity Management and Azure Sentinel, this provides rigorous access control practices and monitoring.
Security Patch Testing
We run multiple infrastructures for production, staging, testing and development. Application-level patches (including security patches) must progress through each environment. We also have a managed WSUS infrastructure to coordinate the rollout of Windows Updates.
A Centralised Log Server
Our production infrastructure has a centralised log server and monitoring, which provide an operational overview of all cloud-based systems. We also gather remote diagnostics from site-based PCs. Our production data replication writes all data (including security and audit trails) to a centralised write-only audit table in Microsoft Azure.
Response and Management Platform
As part of our production support, we have an incident response and management platform complete with documented incident escalation workflows.
Our current procedure for business continuity relies heavily on standard Microsoft Azure functionality, including redundancy via SQL Azure DBs and the use of Azure PaaS offerings. In the case of disaster, most of our systems can be automatically re-deployed via our configuration management tool and our infrastructure automatically reprovisioned.