ASD - Australian Signals Directorate

ASD's Blueprint for Secure Cloud

Platform Security

This section describes the design decisions associated with security components of platform services such as identity, data and overarching platform monitoring threat detection and response, Endpoint security monitoring and protection, security of Hosted Services including IaaS and PaaS workloads across cloud platform providers (Azure, AWS, etc.), and Web Services (SaaS workloads) including both Microsoft 365 and other third party cloud apps for system(s) built using ASD's Blueprint for Secure Cloud.

Estimated reading time: 1 minute

Information Technology (IT) Security refers to protection of networks, servers, intranets, data systems, data and computer systems. To protect these items Microsoft Azure contains several security features and products which together:

  • Secure the Platform – Microsoft Azure and Office 365, through their features and products, enable security in depth.
  • Provide Risk Assessments – Entra ID Protection, Defender for Identity and Microsoft Defender for Endpoint utilise analytics and machine learning to detect and flag unusual/risky behaviour.
  • Provide Visibility into User Behaviour – Defender for Cloud Apps provides security operations dashboards which provide visibility into the activities being undertaken within the environment.
  • Control Data Exfiltration – Data Loss Prevention policies and Defender for Cloud Apps session policies control the flow and protection of information inside and outside of the environment.
Endpoints and Devices

This section describes the design decisions associated with managing endpoint security for system(s) built using ASD's Blueprint for Secure Cloud.

Web Filtering

This section describes the design decisions associated with managing endpoint security for system(s) built using ASD's Blueprint for Secure Cloud.

Web Services

This section describes the design decisions associated with securing Web Services or cloud Software as a Services (SaaS) applications including Microsoft and other third party services for system(s) built using ASD's Blueprint for Secure Cloud.

Identity Security

This section covers the security features associated with ensuring configuration of identity management is effectively monitored and audited and threats can be identified and responded to correctly for system(s) built using ASD's Blueprint for Secure Cloud.

Data Security

This section describes the design decisions associated with managing data security for system(s) built using ASD's Blueprint for Secure Cloud.

Platform Monitoring and Auditing

This section articulates how security monitoring, compliance, threat detection and response from Hosted Services, Web Services, Platform Data and Identity and Endpoints come together in a centralised cloud security solution for platform security operations and audit for system(s) built using ASD's Blueprint for Secure Cloud.

SIEM

This section describes the design decisions associated with Security Information and Event Monitoring for system(s) built using ASD's Blueprint for Secure Cloud.

Do you have a suggestion on how the above page could be improved? Get in touch! ASD's Blueprint for Secure Cloud is an open source project, and we would love to get your input. Submit an issue on our GitHub, or send us an email at blueprint@asd.gov.au

Acknowledgement of Country icon

Acknowledgement of Country
We acknowledge the Traditional Owners and Custodians of Country throughout Australia and their continuing connections to land, sea and communities. We pay our respects to them, their cultures and their Elders; past, present and emerging. We also recognise Australia's First Peoples' enduring contribution to Australia's national security.

Authorised by the Australian Government, Canberra