Security for your AVS environment
Security is the heart of every solution that Microsoft offers on Microsoft Azure, and AVS is no exception. Suitable security measures must be implemented for your AVS deployments.
The following aspects should be considered when determining which devices, people, or systems may execute tasks within AVS and how to protect the environment holistically.
Security for identity
It is very important to make sure that you integrate your AVS environment with an identity provider. Active Directory Domain Services (AD DS) or Azure AD DS is utilized by most customers. The following are some key areas that you should focus on:
- Place limits on permanent access: In the Azure resource group that hosts the AVS private cloud, AVS uses the Contributor role. To avoid deliberate or accidental contributor rights misuse, limit permanent access. Use a privileged account management system for auditing and determining the duration that highly privileged accounts...
