Virtual machines (VMs)
Here are some things you should be following with respect to VMs:
- Protect VMs with secure authentication and access control
- Use the ARM Template for consistency in deployment
- Use multiple VMs for better availability, and consider putting them into availability sets
- Integrate VMs into Azure Security Center and use anti-malware
- Leverage Azure Monitor to help with visibility into resource issues
- Encrypt your disks
Note
For more details, refer the MSDN documentation, available at https://blogs.msdn.microsoft.com/plankytronixx/2015/05/01/azure-exam-prep-fault-domains-and-update-domains/
The following practices should be avoided:
- Do not give everyone admin control, useless you use Azure Privileged Identity Management
- Donot allow VMs to get behind our their patches and updates
- Do not forget to use a key encryption key (KEK) as an extra layer of encryption.
Note
Keep VMs with the same life cycle in the same resource groups, and use tagging to roll up billing cost to departments, if necessary...