Microsoft Azure Stack Security and Compliance

There are lots of features and defenses built-in to the Azure Stack Integrated System, this session should get you started quickly and be smart about digging more into the areas your organization may be interested in.

Azure Stack Security Layers

• Infrastructure and Tenant Workload

Infrastructure Security

• Security Approach (Assume Breach, Hardened by Default)
• Secured as an Integrated System
• Secured by Constrained Access
• Secured with Hardened By Default

Tenant Security & Access Control

• Azure Resource Manager
• Role Based Access Control

Tenant Workload Security Features

• Azure Resource Policies
• Network Security Groups
• Virtualized Networking
• TLS/SSL
• IPSec
• Azure Key Vault and more

Microsoft Azure Stack Compliance

• Penetration Tests, Threat Modelling
• State of the art Update mechanisms
• Common Criteria
• Pre-validation for Regulatory Compliances such as PCI DSS, CCM (HIPAA, FedRAMP, ISO)