Security overview - Azure Arc
Security gaps often emerge when managing infrastructure across public cloud, private cloud, and on-prem environments. Azure Arc helps bridge those gaps by extending Azure security tools to Arc-enabled servers running anywhere. Read this Microsoft Learn article to see how it works and how your organization can benefit. Contact Integral & Open Systems,Inc for a complimentary security assessment of your hybrid environment.
What is the shared responsibility model for Azure Arc-enabled servers?
The security of Azure Arc-enabled servers is a shared responsibility. Microsoft is responsible for securing the cloud service that stores system metadata, protecting privacy, documenting optional security features, publishing regular agent updates, managing RBAC access, and securing the server infrastructure. Users are responsible for securing the server itself, managing credentials, determining the application of security features, and ensuring compliance with legal and internal policies.
How does the Azure Connected Machine agent function?
The Azure Connected Machine agent acts as an enablement platform that connects your machine to Azure. It establishes a relationship with your Azure subscription, provides a managed identity for authentication, enables additional capabilities through extensions, and enforces settings on your server. The agent is essential for relaying data and actions between your managed server and Azure.
What security measures should be taken for Tier 0 assets?
For Tier 0 assets, it is recommended to use a dedicated Azure subscription to minimize access and closely monitor permissions. You should also disable unnecessary management features, such as remote access capabilities and the extension manager, unless they are needed. Implementing an extension allowlist can help restrict the use of extensions to only those that meet your security requirements.
Security overview - Azure Arc
published by Integral & Open Systems,Inc
Integral & Open Systems is on a mission to empower enterprises to take control of their technological destiny. Founded in 2009, we've been at the forefront of delivering holistic technology strategies that encompass cloud services, cloud migration, data engineering, and Generative AI infrastructure.
Our generative AI platform is designed to democratize artificial intelligence, making it fast, cost-effective, and easy for organizations to train and deploy today's most advanced machine learning models. Developed by our in-house research and engineering teams, who are committed to integrating cutting-edge scientific research, our products aim to revolutionize how businesses approach AI.
We are also specialists in cloud services and migration. Our tailored solutions help organizations transition seamlessly to the cloud, ensuring scalability, reliability, and security. We further extend our expertise into data engineering, ensuring your data is not just big, but also smart and actionable.
With Integral & Open Systems, you're not just adopting technology; you're embracing a partner committed to your organization's growth and potential. Our ethos includes full model ownership and data privacy, built right into the platform's design, assuring you complete control over your digital assets."
Sign in with LinkedIn