This case study exercise is designed to provide experience performing some conceptual design tasks that relate to the subjects learned in this module.

Case study: securing PaaS, IaaS and SaaS services

Tailwind Traders is a fictitious home improvement retailer. It operates retail hardware stores across the globe and online. The Tailwind Traders CISO is aware of the opportunities offered by Azure, but also understands the need for strong security and solid cloud architecture. Without strong security and a great point of reference architecture, the company may have difficulty managing the Azure environment and costs, which are hard to track and control. The CISO is interested in understanding how Azure manages and enforces security standards.

Requirements

To accomplish this vision the CIO hired a new Chief Information Security Officer (CISO). The new CISO started planning his strategy to secure PaaS, IaaS and SaaS workloads, and as part of this strategy he established that the company needs to:

• Implement a cloud security posture management platform that can offer native vulnerability assessment for VMs and Containers, and support threat detection for Cosmos DB
• Implement a data classification system for their Azure workloads that is able to classify and label data in SQL databases and storage accounts
• Implement a security baseline for SaaS workloads in Microsoft 365
• Support security posture management and threat detection for IoT workloads

Design tasks

• Which solution should be utilized to:
  • Provide data classification and labeling in Azure?
  • Provide cloud security posture management and threat detection for VM, Containers and Cosmos DB?
• Which solution should be used to provide cloud security posture management and threat detection for IoT?