Advanced security of PaaS based Azure data applications – from setup to ALM from Marco Fischer
Slides of the talk from Marco Fischer at the New stars of data conference in August 2020.
A data application build on Azure PaaS components can be set up in short time. Thanks to various documentation available, even beginners can build great functionality with it. A secure baseline and rule set is mandatory for internet exposed services and live data, but it‘s often missing or incomplete in real world projects or planned to be done later.
I like to cover easy ground rules of security, a base understanding of Azure AD identity types and when to use which of them to harden interfaces and endpoints. Security begins before implementation, is part of a collaborative development process, relevant during deployment and remains after service enabling to an operations team. I want to share my experience from my projects of creating data applications from a security perspective, covering cloud infrastructure and application parts, as well as application lifecycle challenges during CI/CD. We‘ll go through examples how to handle secrets savely and manageable and configure Azure resources with diverse security concepts. Not all what’s technical possible is always the best way to go. We‘ll check where avoiding technical options make your data apps even stronger or more robust without them.