Linkedin-in Whatsapp

Hardening Your Application Insights on Azure: A Comprehensive Guide to Securing Cognitive Services

[post-views]

Description

Application Insights is a feature of Azure Monitor that provides extensible application performance management (APM) and monitoring for live web apps. Developers and DevOps professionals can use it. Application Insights to:

  • Automatically detect performance anomalies.  
  • Help diagnose issues by using powerful analytics tools.  
  • See what users do with apps.  
  • Help continuously improve app performance and usability.  

Application Insights Features:

  • Supports various platforms, including .NET, Node.js, Java, and Python.  
  • Works for apps hosted on-premises, hybrid, or on any public cloud.  
  • Integrates with DevOps processes.  
  • Has connection points to many development tools.  
  • Can monitor and analyze telemetry from mobile apps by integrating with Visual Studio.

BASELINE CONFIGURATION

Config Name Description Solution GE Control ID
RG Resource Group requirement Must use same region for resource, resource group and subscription Standard EA
Network Type Access to the service Must opt NO for "Accept data ingestion& Query from public networks not connected through a Private Link Scope" SEC 1.2
Data Encryption Send data Securely To ensure security of data transit to Azure Monitor. With an enforce to configure the agent to use at least TLS 1.2 SEC 7.2
Authentication/Authorization Authenticate to console services and data sources using Azure native security services Authenticating of services using AAD IAM RBAC SEC 2.1
Keys API keys stored in keys Vault as secrets You can either create your own keys or store them in a key vault APIs to generate keys. SEC 4.1
Logging Collect platform logs and operation logs. Logs must be stored in Gas Power Cyber approved logging destination: central analytics workspace in 328-gp-azr-ops SEC 3.11

Tagging Considerations

Policy Name Description Solution
UAI tag All speech services must be tagged with a valid UAI - Example: Key: uai
- Value: uai1234567
- Use lower case name and value
Env tag All speech services must be tagged with a tag corresponding to the application environment - Example: Key : env, Value: prd
- For Valid envs see item 5.2 in cloud controls document
- Use lower case name and value
Appname tag Must tagged with application short name where applicable - Example: Key: appname
- Value: ABC123

Resource Standards and Policies

Config Name Description Solution
Naming convention Resource follows standard naming convention Apply naming standards based on the following guidelines
Naming & Tagging Standards

Ready to experience the full power of cloud technology?

Our cloud experts will speed up cloud deployment, and make your business more efficient.  

Start Today !

Network Considerations

Config Name Description Solution
Standard network Configuration Standard vnet, subnet, NSG configuration applied See network baseline config for more information.
Private endpoints Deny public internet access Ensure that key vault is accessible only over Stakeholder private network

Identity and Access Management

Config Name Description Solution Mandated/Optional IAM Policy CF Template
IAM RBAC Configuration Standard RBAC roles defined for speech service and assigned to users See Stakeholder’s approved baseline configuration for more information Mandated

Operational Considerations

Config Name Description Solution
API Key rotation Keys should be rotated periodically. Generate Keys regularly and store keys in Key Vaults
Backup and Recovery Ensure Regular automated Backups Follow standards to backup

ISmile Technologies brings its managed cloud security services to your defence. We help you reimagine cloud security by building it into the foundation of your company. In this way it can meet your business’s evolving needs cost-effectively as a fully managed, consumption-based, as-a-service model, ensuring advanced security. Schedule a free assessment today.

CLOUD Engineer

Gopi Krishna

I’m working as Cloud DevOps Engineer. Expertise in technologies of Kubernetes, cloud services and cloud-native services, and DevOps technologies in various clouds.

Liked what you read !

Please leave a Feedback

Leave a Reply

Your email address will not be published. Required fields are marked *

Related articles you may would like to read

Reducing E-waste: Strategies for Proper Disposal and Recycling of Electronic Equipment
Read More

Calculate Your DataOps ROI with Ease!

Simplify your decision-making process with the DataOps ROI Calculator, optimize your data management and analytics capabilities.

Calculator ROI Now!

Don't Miss Out on This Exclusive Webinar!

Discover how to optimize your IT operations and drive business success with our exclusive webinar.

Register Now

Connect With Us
  • USA : 501 S Weber Rd Unit 108, Bolingbrook, IL 60490
  • Canada : 3191 Stocksbridge Ave Oakville, ON L6M 0A7
  • India : 2-3-285, Secunderabad, Hyderabad, 500003
About Us
Linkedin-in Whatsapp Instagram Youtube
Subscribe to our Newsletter

Subscribe to ISmile Cloud Insider Newsletter to get insights on deep Cloud market analysis & trends.

End to End Solution
Managed Services
Partners
Resources
Get in Touch
Privacy Policy
Copyright © 2022  ISmile Technologies

Find our Resources

Proposals

Know the specific resource requirement for completing a specific project with us.

Blog

Keep yourself updated with the latest updates about Cloud technology, our latest offerings, security trends and much more.

Webinar

Gain insights into latest aspects of cloud productivity, security, advanced technologies and more via our Virtual events.

ISmile Technologies delivers business-specific Cloud Solutions and Managed IT Services across all major platforms maximizing your competitive advantage at an unparalleled value.

About Us +

Request a Consultation

Strategies for Optimizing Your IT Operations

Learn the latest strategies for optimizing your IT operations and driving business success. Register now to gain insights from industry experts and start implementing effective solutions.
Register for Webinar