This case study exercise is designed to provide experience performing some conceptual design tasks that relate to the subjects learned in this module.

Case study: architecture best practices

Tailwind Traders is a fictitious home improvement retailer. It operates retail hardware stores across the globe and online. The Tailwind Traders CISO is aware of the opportunities offered by Azure, but also understands the need for strong security and solid cloud architecture. Without strong security and a great point of reference architecture, the company may have difficulty managing the Azure environment and costs, which are hard to track and control. The CISO is interested in understanding how Azure manages and enforces security standards.

Requirements: strategy and secure remote access

One of the key requirements for this transformation is to empower remote workers in a secure manner. The new CIO wants to ensure remote workers are using multifactor authentication and if they’re traveling to visit customers, the access should be restricted based on their geo-location. The CIO also wants to ensure that all incubation project led by the AI/Robotics Team is tested in an isolated environment to avoid disruption in the production environment.

To accomplish this vision the CIO hired a new Chief Information Security Officer (CISO) and made a reorganization to assign the following teams under this new CISO:

  • Cloud strategy team
  • Cloud security team
  • Cloud adoption team
  • Cloud center of excellence or central IT team

To accomplish this vision, the new CISO needs to modernize the company’s security strategy. The security strategy should include considerations for all aspects of modern technology environment, current threat landscape, and security community resources.

Design tasks

  • Security Strategy
    • What are the security strategy principles that should be used in this project?
    • Who needs to approve the security strategy before it goes live?
  • Validating the solution
    • Which solution should Tailwind Traders utilize to understand the security state and risk across resources in Azure?
    • Which product should Tailwind Traders utilize to define consistent security policies and enable controls?