The A–Z of Cloud Security.

Posted 26 April 2022 by Laura

There are hundreds of cloud related products and services out there today. Far more than we could ever even attempt to fit in to a beautifully crafted blog post. SEO eat your heart out, but even the biggest of geeks have their limitations.

But we have pulled together a glossary of what’s what in the cloud. Naturally, the aaaaaalphabetical list starts strong…

A

Active Directory Domain Services (AD DS) is Microsoft's pre-cloud directory-based identity related services.

Advanced Threat Analytics (ATA) from Microsoft helps protect businesses from advanced targeted cyberattacks and insider threats. ATA is really clever; detecting suspicious activity and then adapting and learning, keeping up with the changing threats and user behaviours.

Advanced Threat Protection (ATP) solutions are designed to defend against complex malware attacks that specifically target sensitive data.

 Antivirus 30% of businesses with antivirus solutions have either incorrectly configured or deployed them.

Azured Australia is our sister company, located in sunnier climes…and where the Azured journey began. We might live miles apart – but we work closely together.

Azure Cloud is made up of more than 200 products and cloud services. We probably won’t cover them all here…but we’ll have a damn good try.

Azure Active Directory is the master. The complete identity and access management solution with integrated security, connecting a whopping 425 million people to their apps, devices and data, every month.

Azure Active Directory Domain Services enables you to join Azure virtual machines to a domain without domain controllers.

Azure Cost Alerts allow you to monitor usage in a more budget-friendly way. Best of all, it's automated so you'll be alerted as soon as you go over your set thresholds and spending limits.

 Azure Data Lake Storage is a scalable and secure data lake built on Azure Blob Storage. For all your high performance workloads.

 Azure DDoS Protection helps to defend your applications from Distributed Denial of Service (DDoS) attacks.

Azure Landing Zone brings together all your subscriptions in to Azure for scale, security, governance, networking and identity.

Azure Virtual Desktop combines the scale, security and cost benefits of Azure and Microsoft 365 – for a secure, seamless remote desktop experience from pretty much anywhere in the world, be it café, boat or mountainside. Remote and hybrid teams, we see you.

Azured Baseline Security Review does exactly what is says on the tin. It’s our mainstay, the kick-starter to any IT project. It provides an in-depth report covering Azure Active Directory, Single Sign-On, Email Security, Conditional Access, Azure and Active Directory.

Azured Data Protect is our fully managed data protection service with digital rights management. We’re here to make sure your critical business data and IP remains yours, and only yours.

 Azured Device Protect is our fully managed device protection solution with tusks made from Microsoft Defender for Endpoint and Heuristic AV. 

Azured Identity Protect for safe access, protection and monitoring of all your business-critical apps, data and files in the Azure cloud.

Azure Network Security provides everything you need to keep your network secure with Azure Firewall, Azure DDoS, Azure Front Door, Azure Bastion and Azure Content Delivery Network. A Forrester study looking at the cost savings and business benefits provided by Azure Network Security reported a 165% ROI.

Azured Remote Protect is our fully managed, subscription-based Firewall as a Service, powered by next-gen technology from Palo Alto…with some funky stuff behind the scenes making enterprise-grade security solutions affordable for SMBs.

Azured Sentinel Starter Kit from Azured is designed to introduce, establish and provide a framework for working with Microsoft Sentinel. (See also 'Microsoft Sentinel')

B

Breached! is our LinkedIn newsletter. This is where we share some of our favourite content that we think our network will find useful, interesting – or even maybe both. It’s easy to subscribe, just sign up here.

C

Conditional Access policies are, at their simplest, if-then statements, i.e. if a user wants to access a resource, then they have to complete an action first. For example, if a finance manager wants to access the payroll system, they will need multi-factor authentication to access it.

Customer Charter We’re really quite proud of who we are and the service experience we deliver to our clients. So much so that we’ve written the Azured Customer Charter to show we’re serious about our space in the Azure cloud security world.

Cyber Essentials is a UK government-backed scheme to help protect organisations against the most common cyberattacks. It’s seen as a good benchmarking standard.

Cyber Insurance is specifically designed to protect businesses from data breaches and cyber-attacks. It’s predicted that the global cyber insurance market will grow from $7bn to $20.6bn by 2025.

Cybersecurity as the attack surface area and the level of sophistication of cyberattacks increase, businesses need to consider the operational, financial, reputational and strategic consequences a cyberattack would have on the way they do things.

Cyber Strategy should be based around the framework of Identity, Protect, Detect, Response, and Recovery. It should be specific, actionable, realistic – with a roadmap for delivery. Consider how to calculate and manage risk, plug vulnerabilities, and how to implement the next steps of your cyber strategy. We know it sounds like a lot of hard work and that your time is just too precious, but when there’s a hacker at your door…

D

Data Loss Prevention (DLP) for intelligent detection and control of sensitive information across Office 365, One Drive, SharePoint, Microsoft Teams – and the endpoints to which they’re connected.

Data Breach More than 60 per cent of businesses go bust after experiencing a data breach.

Databricks was named a Leader in Gartner’s Magic Quadrant for Data Science and Machine Learning platforms, and provides one platform to unify all your data, analytics and AI workloads.

Database Migration simplifies on-premises database migration to the cloud.

DDoS Attacks aim to overwhelm online services and ultimately, take that service offline. Help defend against attacks with Azure DDoS Protection.

Device Management In the chain of cloud security, the device is often the weakest link. So much can go wrong. Out of date software and operating systems, inadequate protection, user error… and with the number of networked devices expected to hit 29.3 billion devices by 2023, there’s no better time to get your devices in order.

Digital Transformation Moving over to the cloud is rarely an easy decision for any business. And, as with anything worthy of your time and effort, preparation is key; user management, network, storage capacity, perimeters, firewalls, servers, and devices all need your consideration.

Dynamic Multipath Optimisation (DMPO) uses techniques developed  by VMware to deliver a resilient solution that considers the current performance of WAN links. Watch the short video.

E

Email Security is a beast. It covers everything we need to predict, prevent, detect and respond to both attacks and access protection…for the 306.4 billion emails that were sent in 2021 alone.

Endpoint Protection Platform (EPP) is a security solution for endpoints, i.e. servers and devices, to protect against cyberthreats like antivirus protection, firewalls, anti-malware software, and data loss prevention (DLP). EPPs typically sit in the cloud, using cloud data to support businesses with advanced monitoring and remote remediation. See Microsoft Defender for Endpoint.

Endpoint Security protects endpoints, your network-connected devices like laptops, mobile phones, servers. Endpoint security protects, yep you got it, all the endpoints, from all those malicious actors.

Exchange Online Protection is Microsoft's cloud-based filtering service  that protects against spam malware and other email threats (and great for securing your business against phishing attacks).

F

Firewall Secure your network by monitoring all incoming and outgoing traffic – and controlling what’s allowed in and out of your organisation. Rules and policies are where the fun starts, and things are even better when the firewall is configured and deployed correctly…

Firewall as a Service (FWaaS) is our next-gen firewall with a managed internet gateway in Microsoft Azure, underpinned by the latest Palo Alto tech. Fully managed and subscription-based, for total flexibility and scalability. We currently manage 50+ firewalls in the UK and Australia so we know a thing or two...

G

Gartner If there's anything worth knowing in the world of cloud technology research, let Gartner be your oracle. 

H

Human Operated Ransomware is where cybercriminals infiltrate an organisation’s IT infrastructure, elevate their privileges, and deploy ransomware to critical data. It's different from traditional ransomware as these attacks target an entire organisation – rather than deploying malware on a single device. They are one of the most significant and impactful trends in cyberattacks today...but they are preventable

Hybrid Cloud IT strategies combining on-premises and cloud infrastructure is a pretty common sight, either during the transition to full cloud or, believe it or not, forever and ever.

I

Identity and Access Management (IAM) Your name’s not down, you’re not coming in. With complete control over who can access what and when – your personalised policies decide who can come in, how long they can stay for – and if you’d like them to show you an extra form of ID along the way (MFA, anyone?). Download our free guide to Cloud Identity and Access Management.

Into The Blue is our monthly e-newsletter delivered directly to your inbox. Sign up to receive our best bits of insight and information about cloud security, all in one place.

J

Jumanji Navigating your way through the pitfalls of cloud adoption can be a bit like playing the game Jumanji – without the monkeys and Dwayne Johnson (more’s the pity). If you get stuck, you could always try calling our name out loud three times.... Azured. Azured. AZURED!

K

Keepnet Labs is a service that helps expose vulnerabilities in your email setup as well as your user behaviour and helps remediate them. There's a real emphasis on the human factor in email security.

L

Luxury Yacht What we can all kick back on once our cloud security, much like the yacht itself, is watertight. Sangria in hand, sun cream at the ready, mankini donned, slightly dubious paella waiting.... Enjoy!

M

Man-in-the-Middle Attacks MITM attacks involve a hacker sitting between a network user and a web application (or server) that they’re trying to connect to. Just sitting there, collecting your personal data, passwords, banking details…

Mobile Device Management MDM allows admins to control, secure, configure, deploy and enforce policies on mobile endpoints like mobile phones, tablets and laptops.

Microsoft 365 formerly knows as Office 365. Work securely in the cloud from just about anywhere with Outlook, Teams, Word, Excel, PowerPoint and SO many more apps and services.

Microsoft Defender Advanced Threat Protection (ATP) for preventative protection, post-breach detection, automated investigation, and response. It’s fair to say, it's got your back in the Azure cloud.

Microsoft Defender for Cloud Apps protects your multi-cloud and hybrid environments by providing rich visibility, control over data travel, and sophisticated analytics to identify and combat cyberthreats across all your cloud applications in your environment

Microsoft Defender for Endpoint is a new and complete endpoint security solution. Easy to use and cost effective, businesses can secure their Windows, macOS, Linux, Android, iOS, and network devices against sophisticated threats including malware and ransomware.

Microsoft Defender for Office 365 protects your Office 365 subscriptions against advanced threats like business email compromise and credential phishing, and automatically investigate and remediate attacks. Named a Leader in The Forrester Wave: Email Security 2021.

Microsoft Digital Defence Report includes practical information and guidance from the security experts at Microsoft – empowering businesses to defend themselves against the risk of cyberthreats.

Microsoft Gold Partner Azured is a certified Microsoft Gold Partner – our crew over in Australia have even been recognised as a top 3 Microsoft Azure Partner in the Australian SME market. As a company, we take our Gold status very seriously. 

Microsoft Intune focuses on mobile device management (MDM) and mobile application management (MAM). Intune gives you complete control of all devices and apps, and ensures compliance across your organisation.

Microsoft Remote Desktop is an app that allows you to connect to a remote PC or virtual apps and desktops.

Microsoft Secure Score allows you to measure the strength of your organisation's security, tighten any areas that need tightening, and track your progress across your entire cloud environment.

Microsoft Sentinel is a security information and event management platform. See also 'Azured Sentinel Starter Kit'. 

Multi Factor Authentication or MFA is recommended by Microsoft as the single most important deterrent against cyber attacks. We’ve said it once, we’ve said it twice…and we’ll probably never stop saying it.

N

Network as a Service (NWaaS) by Azured. Optimise your network, deliver key applications faster and more securely, and reduce costs and management with NWaaS, our fully-managed SD-WAN solution powered by VMWare VeloCloud.

Network-based Attacks are carried out using vulnerabilities within the network or application and include DDoS attacks, eavesdropping Attacks, SQL injection and cross-side scripting (XSS) attacks.

Next-generation Firewalls (NGFW) have been designed to address advanced security through intelligent, context-aware security features. The only type of firewall worthy of Azured's Firewall as a Service (FWaaS).

O

Office 365 Advanced Threat Protection (ATP) is a cloud-based email filtering system to protect your business against unknown malware and viruses

P

Palo Alto We believe the Palo Alto firewall is the best firewall in the market, so it made sense for us to build our FWaaS around their technology. Palo’s next-gen intelligent firewalls are the most successful in reducing risks and preventing attacks.

Passphrases are the new form of password with three or more random words put together. Numbers and characters should be added to strengthen them, like ToTheMoonAndBack007. Avoid things like pet’s names, favourite holidays – anything that can be found on your social profiles (see social engineering).

Passwords The list of the 10 most common passwords are eye-wateringly difficult to comprehend in such a complex world. It seems there are plenty of folk adopting a “keep it simple” approach with one weak password used across multiple identities, devices and applications. Locking down those strict password policies is crucial.

Phishing is a type of cyberattack that tricks users into opening emails, texts or instant messages. Here are some tips to protect your business against phishing attacks.

Power BI is a collection of software services, apps, and connectors that work together to turn unrelated sources of data into coherent, visually immersive, and interactive insights.

Privileged Identity Management (PIM) is a service in Azure Active Directory that enables you to manage, control, and monitor access to important resources within your organisation. If you’re looking to minimise the number of people with access to secure information or resources, PIM might be the answer.

Q

Qui-Gon Jinn. Now, we know we’re clutching at straws here – but you try thinking of a cloud-related subject beginning with Q. All we can say is Qui-Gon was the imparter of some of the best advice ever, “Feel, don’t think. Trust your instincts. And your cloud security specialist”. Yep, he really did say that.

R

Ransomware is a form of malicious software (or malware) designed to encrypt files, databases and applications, blocking users and administrators from accessing systems until a hefty ransom is paid.

Ransomware as a Service Cybercriminals operating illegal RaaS businesses help orchestrate attacks, including providing the decryption methods and handling the ransom payment.

Recovery Plan It’s fair to assume you’re going to be hacked. But having a Recovery Plan in place will keep any downtime to a minimum and ensure the team knows how to proceed in the event of an attack. Documenting the process will potentially highlight any gaps in your business before a problem arises.

Remote Access allows staff to securely access their desktop computers or servers from another device over the internet.

Remote Working According to Gartner, 48% of employees will work remotely in the post-pandemic world. The recent increase in cyberattacks isn’t just down to an increase in remote working. But the speed and haste at which systems were configured and deployed, during the rush get everyone working remotely, might have some explaining to do.

S

Secure Access Service Edge or SASE (pronounced “sassy”) is a technology used to deliver wide area network (WAN) and security controls as a cloud computing service directly to the source of connection (user, device, branch office, Internet of things (IoT) device, or edge computing location) rather than a data centre.

SD-WAN We strive to work with the best and as far as WAN edge infrastructure goes, there is no better choice than VMware SD-WAN. The concept is a bit of a mind-bender, so we put together a short explainer video.

Self-Service Password Reset (SSPR) is built into Azure Active Directory and allows users to reset their passwords without administrator or helpdesk support. Money and time saved. Easy peasy. 

Single Sign-On (SSO) allows users to access multiple applications with one set of credentials. This might sound risky, but when configured properly SSO can lead to quicker and more secure experience.

Social Engineering is where hackers access your network, services, identity, apps and infrastructure by manipulating the single most variable and therefore most vulnerable asset in your organisation…yep, your people. 

SQL or Structured Query Language is a standard language for accessing databases and has been an international standard (or ISO) since 1987. The old ones are the best an' all that.

T

Telstra came to us back in 2015 with a tough problem. No one else could solve it. Until we came along. Since then, we’ve been Telstra’s partner-in-residence, and we work closely with them to drive innovation.

U

Unsecure network is not to be confused with an insecure network, which you deal with very differently by telling them how lovely they look in blue and asking if they’ve had a new haircut. An unsecure network is often a free guest wifi that doesn’t require authentication to connect to and is obviously a happy playground for hackers.

V

Virtual WAN optimises and automates branch to branch connectivity through Azure.

VMWare VeloCloud When it comes to WAN edge infrastructure, there’s no better choice than VMware SD-WAN by VeloCloud. Protect your WAN with SD-WAN as they say...

VPN or Virtual Private Network allows remote users (for employees who are not on an office-managed network) to securely access an organisation's services; keeping your data secure in the cloud, and completely out of harm's way.

W

Wide Area Network (WAN) is a wide network connecting smaller networks of computers over a large area (a region, country or even the world). Y'know like the internet...

Y

Yacht. (See Luxury Yacht)

Z

Zero Trust It's simple. Trust nothing or no-one. Microsoft’s Zero Trust model is based on verifying explicitly, using the least privileged access, and ALWAYS assuming breach. It covers identities, endpoints, apps, data, infrastructure, and networks.