In my previous posts and talks, I've shown you various techniques to strengten the security of your Azure environment.
However, there is one little thing that if we are not careful about, could compromise the security of our Azure environment. That little thing might be so obvious that it's often forgotten. That little thing is to disconnect from our Azure account when we're not using it.
You've may noticed that when you go back to your workstation after few hours (or few days?), and navigate to the Azure portal, you're still logged in to your account. Can you imagine what would happen if someone used your workstation while you were away? If you only have Reader permissions, then no big deal. But imagine if you have administrative permissions (e.g. Contributor or Owner)! That could be harmful.
Fortunately, there's a little hidden gem in the Azure portal that lets you automatically be disconnected from your account after a given period of time of inactivity.
To configure it, simply do this:
To be honest, I'm wondering why this feature isn't enabled by default!
In conclusion...
Today, we have done one more step toward a more secured Azure environment by leveraging a hidden gem in the Azure portal.
Let's keep in touch
You can reach me on Twitter or LinkedIn.
See you soon !
Top comments (0)