AZ500 – Microsoft Azure Well-Architected Framework – Security
Defense in depth: A layered approach to security
confidentiality, integrity, and availability, known collectively as CIA.
- Confidentiality: Principle of least privilege.
- Integrity: The prevention of unauthorized changes to information at rest or in transit. A common approach used in data transmission is for the sender to create a unique fingerprint of the data using a one-way hashing algorithm. The hash is sent to the receiver along with the data. The data’s hash is recalculated and compared to the original by the receiver to ensure the data wasn’t lost or modified in transit.
- Availability: Ensure services are available to authorized users. Denial of service attacks are a prevalent cause of loss of availability to users.