14 March 2022
Securing Your Cloud Enterprise Workloads – Network Segmentation, Private Endpoints and NAT gateways
With global economies quickly entering the #datadriven economy and with data now being viewed as a strategic asset for future value creation, there is an increasing awareness of the importance in protecting that asset through data- and #cybersecurity measures, an aspect that’s also important to build trust among enterprises, organisations and individuals to share and exchange data, pivotal for enabling data as a driver for #digitalinnovation. It’s easy to understand why #informationprotection and #cybersecurity are increasingly becoming focus areas across IT departments as awareness of cybersecurity threats, attacks and their potential implications such as #dataloss, #ransom etc. grows.
Some of the most sophisticated #security and defence #systems in the world utilize a layered approach to security, and many of those concepts are applicable in the #digital realm as well in e.g. enterprise #solution and #securityarchitecture. In one recent workload, I together with the team spearheaded the deployment of virtual network and subnet, with NSGs, integrated #azure #functions, with outbound traffic routed through a #nat #gateway with a static public IP for consuming a third-party application that uses an allow list of IP addresses as a security measure. The benefits of virtual network and subnet integrated resources are numerous, such as network segmentation, enabling private endpoints though #azure Private Link and service endpoints for granular access control in #azure #paas services such as #azure #cosmosdb, #azure #storage and #azure #sql Database. Given that a network rule has been added in the service, and the service endpoint has been added to the subnet, the virtual network #acl will switch the source of the incoming traffic from a public IP to the virtual network addresses, fully removing public internet exposure. Even though virtual networks are isolated by nature, VNet peering can be used if applications needs to communicate to resources in other virtual networks.
Public IPs cannot always be avoided of course, calling for sufficient monitoring, preventing and responding to #malicious#threats and #cyberattacks becomes even more important. #microsoft is the only #cloudserviceprovider that is also a global cybersecurity provider and has adopted a very open approach sharing technical reports on new attacks days or hours after discovery with one example being the cyber attacks on Ukrainian authorities in mid-January 2022. Microsoft also recently launched “Security Insider” aimed at providing #businessleaders and #cisos with general cybersecurity developments, insights and threat intelligence with the first episode “When nation-states attack” covering the increase in ransomware and supply chain attacks in recent years, more in the link below.
Cybersecurity + Threat Intelligence | Microsoft Security Insider
As someone who is interested in the world and society around us, it’s hard to not comment on the current course of events. The grim truth is that large, full-scale war between nations has returned to Europe. The change in policy in some European countries in a short amount of time is staggering. The strength and speed of the actions imposed by the European Union and European Commission at the beginning of the conflict is commendable, I think it’s this kind of determined and firm action and leadership, coordinated together with allies and partners and rooted in belief of universally shared concepts, even on issues outside our common European Union borders, that’s needed for Europe to have a continued and extended leading role in the world. A while ago, Ukrainian authorities recommended citizens to refrain from recording or photographing what’s happening on the streets. With reports of thermobaric weapons and bomber aircraft used in recent days and that chemical weapons may be used, things are getting worse rapidly. Even though it’s something I’ve had in mind earlier, recent events have prompted me to start contributing monthly through my company to Médecins Sans Frontières. Everyone should have an undeniable right for self-determination, freedom to speak their mind, free from need and free from fear. Let’s hope a resolution to this conflict is found soon.
1 December 2022
We welcome Muhammad Younas to our team in Berlin
Axelsson Cloud Consulting Europe is pleased to announce it has hired its first direct cloud consultant employee, Muhammad Younas, in Berlin. “I am very excited to welcome Muhammad Younas to our team here in Berlin. With his long experience of successfully completed projects having leveraged cloud services such as Power Platform, Azure Integration Services, Dynamics ... We welcome Muhammad Younas to our team in BerlinView more
30 September 2022
Axelsson Cloud Consulting at the LoRaWAN World Expo in Paris
In June, we had the pleasure of attending the LoRaWAN World Expo in Paris. There we got a first-hand glimpse of the developments shaping the future of communication via the long-range wide area network (LoRaWAN) protocol. We saw how companies are leveraging LoRaWAN to realize their digital ambitions, where the industry is going, and opportunities ... Axelsson Cloud Consulting at the LoRaWAN World Expo in ParisView more
5 July 2022
New Axelsson Cloud Consulting website launched!
After hard work and dedication, we are delighted to announce the launch of our new website, as well as new graphical profile and logotype, further reflecting the company identity and values. We have improved the accessibility of the site and made the site easier to navigate and more useable, including better responsiveness for mobile devices ... New Axelsson Cloud Consulting website launched!View more