I’ve been travelling all week long to Israel for the first Microsoft Security Service Providers private event. It has been a good week to recap and reposition Microsoft offer in terms of security. There’re still overlapping modules and the integration is honestly far from being what it should be, but the overall capabilities and the use cases addressed are really impressive. Every business should take a serious look at Microsoft offering and start thinking if their current security strategy is effective against modern cyberattack techniques.
Most importantly Azure is now certified for the ISO/IEC 27701 privacy standard.
Let’s add the new Azure blueprint for Center for Internet Security (CIS) to the lot of great blueprints we can use to build and assess Azure infrastructures.
User delegation SAS tokens is now GA. It extends Azure AD and Azure role-based access control (RBAC) for Azure Storage allowing lower-privileged users and services to delegate subsets of their access to clients. Clients retrieve a user delegation key tied to their Azure AD account, and then use it to create SAS tokens granting a subset of their own access rights.