Cloud Information Security Cannot be Ignored
Enterprises around the world are undergoing a digital transformation revolution, and they are beginning to adopt, migrate, and become familiar with today's complex cloud-based technologies. The security of the cloud itself is the responsibility of the cloud vendor, but how to maintain the security in the cloud requires a comprehensive information security solution to protect it. Microsoft joins hands with Acer Cloud Architecture to lay out the Cloud Native Security market. The two parties have jointly launched Cloud SOC to serve users in the Taiwan market.
The main challenge of cloud information security is managing complexity and keeping abreast of and protecting all activities in the cloud. Acer eDC can provide appropriate cloud-native protection solutions regardless of the stage of cloud transformation an enterprise is in, such as vulnerability management, detecting important network events, responding to events, collecting threat intelligence and taking action to users.
Threat Detection and Response Services Are Integrated in Cloud-Native
MICROSOFT AZURE SENTINEL及DEFENDER FOR ENDPOINT
What problems did we assist customers in solving::
7x24 Threat Event Monitoring
Alert trigger filtering classification helps customers focus on high-risk notifications.
Automated Deployment and Management Platform
Simplify client management and rule settings through automated deployment of related resources.
Real-time Data Collection and Analysis
Large-scale correlation analysis originates from Logs such as cloud bottom layer, network, AAD, endpoint services and other application systems.
Machine Learning and Risk Behavior Analysis
Enable machine learning to improve the accuracy of notifications and dynamically adjust rules.
Use Cloud-native SIEM - Azure Sentinel
Mainly using cloud-native tools, which can best meet the rapid changes in cloud technology.
Comprehensive Risk Management and Control
Combined with Microsoft Defender for Endpoint (MDE), it helps customers manage comprehensive information security from endpoint to cloud.
Service Architecture
Four Aspects of Safety Recommendations
Service Packages Portfolio
| Azure Cloud Security Service Ratings | |||||
| Service Level | Basic Service | Moitoring Service | |||
| B1 Assessment |
B2 Protection |
M1 Cloud SOC |
M2 Threat Response |
||
| Security technical support services | SLA | 5x8 | 5x8 | 7x24 | 7x24 |
| Network security enhancement recommendations (Vent, NSG, VPN, WAF, FW) | 1 time per quarter | V | V | ||
| Microsoft Defender for Cloud APP (CSPM) | 1 time per quarter | V | V | ||
| Microsoft Entra ID (MFA) | 1 time per quarter | V | V | ||
| Azure Monitor security monitoring alarm setting management suggestions | 1 time per quarter | V | V | ||
| Defender for Servers plan (VM) management recommendations | per month | V | |||
| Azure Web WAF security defense settings management recommendations | per month | V | |||
| Azure FW security defense settings management recommendations | per month | V | |||
| Azure DDoS security defense settings management recommendations | per month | V | |||
| Portal (Cloudgoda) Cloud Security Overall Risk Dashboard | daily | V | V | ||
| Azure account activity security audit log storage and management (Audit log) | daily | V | V | ||
| Azure virtual machine security audit log storage and management | daily | V | V | ||
| Azure Cloud Security Service Classification (Continued) | |||||
| Service Level | Basic Services | Moitoring Services | |||
| B1 Assessment |
B2 Protection |
M1 Cloud SOC |
M2 Threat Response |
||
| Security technical support services | SLA | 5x8 | 5x8 | 7x24 | 7x24 |
| Azure Network Security Audit Log Storage Management (NSG) | daily | V | V | ||
| Azure storage security audit log storage and management | daily | V | V | ||
| SOC monitoring alarm notification (SIEM, EDR, Logs) | daily | V | V | ||
| Customized settings for threat risk information (blacklist information) | daily | V | V | ||
| ITSM (Flowza) event tracking statistics system and online reports | daily | V | V | ||
| SOC customized rule alarm settings | 1 time per quarter | V | V | ||
| Threat risk automatic response setting and management (SOAR) | 1 time per quarter | V | |||
| Information security expert incident investigation (option) | 1 time per year | V | |||
| Event response processing assistance (option) | 1 time per year | V | |||
