Security is an extremely important topic in all IT projects – and yet it is neglected in (almost) all IT projects. But why?
One problem seems to be that certain questions are extremely difficult to answer: How much security can we afford or do we want? How much security is needed? Furthermore, it is quite possible not to suffer any damage without a high level of security. Often, the commitment to security only comes when something happens and it is technically already too late.
The cloud provides tools to quickly assess the current situation with regard to the security of an environment and to know which measures contribute most to its improvement.
The most prominent security tool in the Azure Cloud is probably the Security Center. It assesses the "security hygiene", i.e. checks the current state of the environment with regard to various security-relevant aspects. It is important to understand that this is only a snapshot. The state of the environment can be read in the Secure Score. This can be seen in the Azure Portal under Security Center -> Secure Score.
Furthermore, after selecting a subscription, the Security Centre's recommendations can be viewed in detail.
The recommendations displayed by the Security Center are based on the assigned security policies. These can be selected under Security Center -> Secure Score -> Security Policy per Subscription.
For more information on the Secure Score, how it is calculated and what the individual recommendations mean, see the Microsoft documentation.