Critical Cloud Assets: Identifying and Protecting the Crown Jewels of your Cloud

Cloud computing has transformed the business landscape, prompting many organizations to migrate their critical services to the cloud. However, this shift has also brought about a surge in security challenges that need to be addressed. To tackle these issues, tailored security strategies are essential. Organizations require solutions that can help them detect, prioritize, and resolve security issues based on their criticality and significance to the business. Identifying an organization’s critical assets forms the basis of these solutions.

Microsoft has introduced a new critical cloud assets classification capability within the Critical Asset Management and Protection experience, as part of the Microsoft Security Exposure Management solution and of Cloud Security Posture Management (CSPM) in Microsoft Defender for Cloud (MDC). This feature enables organizations to identify additional business-critical assets in the cloud, so that security administrators and SOC teams can efficiently prioritize and address security issues affecting critical assets within their cloud environments.

The criticality classification methodology developed by Microsoft involved extensive research to understand the factors that determine a cloud asset’s importance, analyze how the cloud environment’s structure aids in identifying critical assets, and comprehensively identify various critical assets, including cloud identities and resources. As a result, Microsoft has released a set of pre-defined classifications for critical cloud assets, expanding the total number of business-critical classifications to 49 for cloud identities and 8 for cloud resources.

In cloud environments, distinguishing between role-based access control (RBAC) services like Microsoft Entra ID and Azure RBAC is crucial. Microsoft has introduced new business-critical rules for classifying identities with specific roles in Microsoft Entra and Azure RBAC. For example, identities assigned with roles like “Exchange Administrator” or “Conditional Access Administrator” are classified as high criticality, given their significant permissions and control over critical resources.

When it comes to cloud resources, such as Azure Virtual Machines and Azure Key Vaults, Microsoft has introduced new criticality rules to identify business-critical assets. For instance, an Azure Virtual Machine configured for high availability and performance, or a Key Vault with many connected identities, is classified as high criticality because of its importance in supporting critical workloads and in managing authentication and authorization processes.
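The two preceding paragraphs describe criticality as a set of rules applied to an inventory: identities holding privileged Entra ID or Azure RBAC roles, and resources whose configuration (a highly available VM, a Key Vault with many connected identities) marks them as crown jewels. The following is an added example, not Microsoft's code or the rule set shipped in Exposure Management or Defender for Cloud. It implements such a classifier over a constructed inventory and then uses the resulting criticality to rank findings, which is the prioritization use the post describes. Only the two role names quoted above come from the page; the other roles in the high-criticality set, the Key Vault identity threshold, the asset names and the findings are all assumptions made for the example.

```python
"""Toy criticality classifier for cloud identities and resources.

Added example, not Microsoft's implementation. Thresholds, the extra role
names, the inventory and the findings below are constructed for illustration.
"""
from __future__ import annotations

from dataclasses import dataclass

# Assumed threshold for "many connected identities" on a Key Vault.
KEY_VAULT_IDENTITY_THRESHOLD = 10

# Roles treated as high criticality. The first two are the ones the post names;
# the other two are assumed additions for the example.
HIGH_CRITICALITY_ROLES = frozenset({
    "Exchange Administrator",
    "Conditional Access Administrator",
    "Global Administrator",   # assumed
    "Owner",                  # Azure RBAC, assumed
})

LEVEL_RANK = {"High": 0, "Medium": 1, "Low": 2}


@dataclass(frozen=True)
class Identity:
    name: str
    entra_roles: frozenset = frozenset()
    azure_rbac_roles: frozenset = frozenset()


@dataclass(frozen=True)
class Resource:
    name: str
    kind: str                       # "VirtualMachine" or "KeyVault"
    high_availability: bool = False
    connected_identities: int = 0


@dataclass(frozen=True)
class Finding:
    asset: str
    severity: str                   # "High" | "Medium" | "Low"
    title: str


def classify_identity(ident: Identity) -> tuple[str, str]:
    """Identity is High if any Entra or Azure RBAC role is in the privileged set."""
    hits = sorted((ident.entra_roles | ident.azure_rbac_roles) & HIGH_CRITICALITY_ROLES)
    if hits:
        return "High", "holds privileged role(s): " + ", ".join(hits)
    return "Low", "no privileged role assignment"


def classify_resource(res: Resource) -> tuple[str, str]:
    """Resource rules mirroring the two examples in the post."""
    if res.kind == "VirtualMachine" and res.high_availability:
        return "High", "VM configured for high availability"
    if res.kind == "KeyVault" and res.connected_identities >= KEY_VAULT_IDENTITY_THRESHOLD:
        return "High", f"Key Vault with {res.connected_identities} connected identities"
    return "Low", "no criticality rule matched"


def classify_inventory(identities, resources) -> dict[str, str]:
    """Map every asset name to its criticality level."""
    crit = {i.name: classify_identity(i)[0] for i in identities}
    crit.update({r.name: classify_resource(r)[0] for r in resources})
    return crit


def prioritize(findings, criticality) -> list[Finding]:
    """Rank findings by asset criticality first, then by severity, so a Medium
    issue on a crown jewel outranks a High issue on a non-critical asset."""
    return sorted(
        findings,
        key=lambda f: (LEVEL_RANK[criticality.get(f.asset, "Low")], LEVEL_RANK[f.severity]),
    )


# Constructed sample inventory and findings (not real data).
SAMPLE_IDENTITIES = [
    Identity("alice@contoso.example", entra_roles=frozenset({"Conditional Access Administrator"})),
    Identity("bob@contoso.example", entra_roles=frozenset({"Reports Reader"})),
    Identity("ci-deployer-sp", azure_rbac_roles=frozenset({"Contributor"})),
]
SAMPLE_RESOURCES = [
    Resource("vm-payments-01", "VirtualMachine", high_availability=True),
    Resource("vm-devtest-07", "VirtualMachine"),
    Resource("kv-prod-secrets", "KeyVault", connected_identities=23),
    Resource("kv-sandbox", "KeyVault", connected_identities=2),
]
SAMPLE_FINDINGS = [
    Finding("vm-devtest-07", "High", "Management port exposed to the internet"),
    Finding("kv-prod-secrets", "Medium", "Purge protection not enabled"),
    Finding("alice@contoso.example", "Medium", "MFA not enforced"),
    Finding("kv-sandbox", "Low", "Diagnostic logging disabled"),
]


def run_sample() -> list[Finding]:
    """Classify the sample inventory and return the prioritized findings."""
    return prioritize(SAMPLE_FINDINGS, classify_inventory(SAMPLE_IDENTITIES, SAMPLE_RESOURCES))


if __name__ == "__main__":
    crit = classify_inventory(SAMPLE_IDENTITIES, SAMPLE_RESOURCES)
    for f in run_sample():
        print(f"[{crit.get(f.asset, 'Low'):4}] {f.severity:6} {f.asset}: {f.title}")
```

Note that sorting by criticality before severity is the point: the internet-exposed dev VM carries the highest raw severity, yet it lands below the Medium findings on the production Key Vault and the Conditional Access Administrator, because those assets are the ones whose compromise affects the business most.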

Protecting the crown jewels of a cloud environment is paramount, and Microsoft’s Exposure Management and Defender Cloud Security Posture Management products offer tools to help organizations safeguard their critical assets. By enabling protections, monitoring critical assets, prioritizing remediation, and following the principle of least privilege, organizations can enhance their security posture and mitigate potential risks effectively.

In conclusion, as the cloud computing landscape evolves, the ability to identify and protect critical assets is crucial. Microsoft’s new set of business-critical cloud asset classifications in Defender for Cloud and Security Exposure Management aims to help organizations prioritize and address security issues effectively. To learn more about these solutions and best practices for securing critical assets, see the documentation and resources Microsoft provides.

Source: https://techcommunity.microsoft.com/t5/security-compliance-and-identity/critical-cloud-assets-identifying-and-protecting-the-crown/ba-p/4222198
