To help secure the Learn365 cloud platform and safeguard our customers' data from intrusions and cyberattacks our Security Operations Team makes extensive use of the latest Microsoft 365 & Azure security technologies & services, including:
- Azure Sentinel – Cloud-native Security Information and Event Management (SIEM) system with built-in artificial intelligence (AI) for analytics & automated investigation and response (AIR) capabilities enabling our security operations team to operate more efficiently and effectively.
- Azure Security Center Standard tier provides infrastructure vulnerability scanning, threat & anomaly detection, and intelligence for the network and Azure PaaS services used in the Learn365 architecture. The Security Center Recommendations are monitored daily, and action is taken immediately if vulnerabilities are found.
- Network Security/Firewall - All Azure resources can communicate with each other privately, through private IP addresses. Azure network security groups are used to filter network traffic to and from the Azure resources in an Azure virtual network.
- Azure DDoS Protection - All Azure services and VNets used in the Learn365 architecture are protected against Distributed denial of service (DDoS) attacks.
-
Azure Defender for Azure SQL database servers include functionality for identifying and mitigating potential database vulnerabilities and detecting anomalous activities that could indicate threats to your databases:
-
Advanced Threat Protection for single and pooled Azure SQL databases which detect anomalous activities indicating unusual and potentially harmful attempts to access or exploit databases. Advanced Threat Protection can identify Potential SQL injection, Access from an unusual location or data center, Access from an unfamiliar principal or potentially harmful application, and Brute force SQL credentials - see more details in Advanced Threat Protection alerts.
- Vulnerability assessment - The scanning service to discover, track, and help remediate potential database vulnerabilities. Assessment scans run constantly and provides an overview of the SQL server's and database's security state and details of any security findings.
-
- Auditing for Azure SQL Database is enabled on all production Azure Servers and databases and audit logs are stored for 90 days on secure Azure cloud storage.
- Azure SQL Data Discovery & Classification all data is classified with sensitivity labels and access to all sensitive data is monitored.
- Azure Key Vault a cloud service for securely storing and accessing secrets, tokens, certificate storage, and management
- All staff operating and supporting the Learn365 Platform are working on Compliant Windows 10 devices managed using Microsoft Endpoint Manager (Microsoft Intune) protected with Enterprise Mobility + Security E5 and Microsoft Defender for Office 365 (Plan 2) including Microsoft Defender anti-virus and firewall connected in real-time to our Azure Sentinel Cloud-native SIEM.