Check the actual email address, and not just the name. It is very, very easy to read only the name and miss the email address, as we’re so used to looking just at the name. Charl Marais <ab.c@scammer-r-us.com.ru> is a clear indication something untoward is going on.
Think about the request and whether it’s actually a reasonable request over email. Passwords must NEVER get sent over email.
If you have any doubts about any email you received:
Verify the request via some other means with the “source”. Phone, WhatsApp, walk over and talk. Don’t just reply.
Get a second opinion from the people around you on whether they think it seems fishy.
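The display-name check described above can also be automated at a mail gateway or in a triage script. The following is an added example, not part of the original guidelines; the trusted domain `example.com`, the staff name list and the function name `check_from` are assumptions made for illustration.

```python
from email.utils import parseaddr

# Assumptions (constructed for this example): the organisation's mail
# domain and the display names of its staff, e.g. exported from the directory.
TRUSTED_DOMAINS = {"example.com"}
STAFF_NAMES = {"charl marais"}


def _norm(text):
    """Lower-case and collapse whitespace so 'Charl  MARAIS' still matches."""
    return " ".join(text.lower().split())


def check_from(header):
    """Return a list of findings for one From: header value (empty = none)."""
    name, addr = parseaddr(header)
    if "@" not in addr:
        return ["address could not be parsed"]
    domain = addr.rsplit("@", 1)[1].lower()
    external = domain not in TRUSTED_DOMAINS
    findings = []
    # A colleague's name attached to an address outside our own domains.
    if external and _norm(name) in STAFF_NAMES:
        findings.append("staff name on external domain " + domain)
    # The display name itself shows an address that is not the real sender.
    if "@" in name and _norm(name) != addr.lower():
        findings.append("display name shows a different address")
    return findings


# Constructed sample headers; the first is the one quoted in the text above.
SAMPLES = [
    "Charl Marais<ab.c@scammer-r-us.com.ru>",
    "Charl Marais <charl.marais@example.com>",
    '"charl.marais@example.com" <ab.c@scammer-r-us.com.ru>',
    "Some Vendor <sales@vendor.example>",
]

if __name__ == "__main__":
    for header in SAMPLES:
        print(header, "->", check_from(header) or "ok")
```

An empty result only means the header shows no name/address mismatch; the request itself still needs the out-of-band verification described above.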
Azure
VMs
Passwords should be at least 32 characters, generated by a tool
At least the Network Security Group for the VM must be configured to only allow necessary traffic
Production VMs must also have their Windows Firewalls configured accordingly
Just In Time access should be configured
Endpoint Protection must be enabled
Follow and resolve security recommendations on the VM blade
Encrypt VM hard drives
Web Apps
IP restrict to only the required access. For dev, QA and UAT, that’s generally NML and the client.
SQL, Key Vault, Storage Accounts
Configure firewalls
3rd Party VMs
Only use generated passwords and store in password manager
Do not share your account details
Prefer to have no access at all, and work towards keeping any access you do have as short as possible
Future
We’ll migrate our Active Directory to Azure Active Directory
We’ll introduce some group policy aimed at alleviating some responsibility
We’ll consolidate authentication and authorization services to provide a less intrusive experience on the various products we use
We’ll introduce project security reviews and workshops to enhance our security posture on all projects