{"id":80234,"date":"2018-02-26T09:00:04","date_gmt":"2018-02-26T17:00:04","guid":{"rendered":"https:\/\/cloudblogs.microsoft.com\/microsoftsecure\/?p=80234"},"modified":"2023-05-26T15:21:28","modified_gmt":"2023-05-26T22:21:28","slug":"best-practices-for-securely-moving-workloads-to-microsoft-azure","status":"publish","type":"post","link":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/02\/26\/best-practices-for-securely-moving-workloads-to-microsoft-azure\/","title":{"rendered":"Best practices for securely moving workloads to Microsoft Azure"},"content":{"rendered":"<p>Azure is Microsoft\u2019s cloud computing environment. It offers customers three primary service delivery models including infrastructure as a service (IaaS), platform as a service (PaaS), and software as a service (SaaS). Adopting cloud technologies requires a shared responsibility model for security, with Microsoft responsible for certain controls and the customer others, depending on the service delivery model chosen. To ensure that a customer\u2019s cloud workloads are protected, it is important that they carefully consider and implement the appropriate architecture and enable the right set of configuration settings.<\/p>\n<p>Microsoft has developed a set of Azure security guidelines and best practices for our customers to follow. These guides can be found in the\u00a0<a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/security\/security-best-practices-and-patterns\">Azure security best practices and patterns documentation<\/a>. In addition, we\u2019re excited to announce the availability of the Center for Internet Security\u2019s (CIS) Microsoft Azure Foundations Security Benchmark, developed in partnership with Microsoft. CIS is a non-profit entity focused on developing global standards and recognized best practices for securing IT systems and data against the most pervasive attacks.<\/p>\n<p>The CIS Microsoft Azure Foundations Security Benchmark provides prescriptive guidance for establishing a secure baseline configuration for Microsoft Azure. Its scope is designed to assist organizations in establishing the foundation level of security for anyone adopting the Microsoft Azure cloud. The benchmark should not be considered as an exhaustive list of all possible security configurations and architecture but as a starting point. Each organization must still evaluate their specific situation, workloads, and compliance requirements and tailor their environment accordingly.<\/p>\n<p>The CIS benchmark contains two levels, each with slightly different technical specifications:<\/p>\n<ul>\n<li>Level 1 \u2013 Recommended, minimum security settings that should be configured on any system and should cause little or no interruption of service or reduced functionality.<\/li>\n<li>Level 2 \u2013 Recommended security settings for highly secure environments and could result in some reduced functionality.<\/li>\n<\/ul>\n<p>The CIS Microsoft Azure Foundations Security Benchmark is divided into the following sections:<\/p>\n<table style=\"height: 538px\" width=\"1172\">\n<tbody>\n<tr>\n<td width=\"208\">\n<p style=\"text-align: center\"><strong>Section<\/strong><\/p>\n<\/td>\n<td style=\"text-align: center\" width=\"284\"><strong>Description<\/strong><\/td>\n<td width=\"132\">\n<p style=\"text-align: center\"><strong>No. of Rec. Controls<\/strong><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td width=\"208\">\n<p style=\"text-align: center\">Identity and Access Management<\/p>\n<\/td>\n<td width=\"284\">Recommendations related to setting the appropriate identity and access management policies.<\/td>\n<td width=\"132\">\n<p style=\"text-align: center\">23<\/p>\n<\/td>\n<\/tr>\n<tr>\n<td width=\"208\">\n<p style=\"text-align: center\">Azure Security Center<\/p>\n<\/td>\n<td width=\"284\">Recommendations related to the configuration and use of Azure Security Center.<\/td>\n<td width=\"132\">\n<p style=\"text-align: center\">19<\/p>\n<\/td>\n<\/tr>\n<tr>\n<td width=\"208\">\n<p style=\"text-align: center\">Storage Accounts<\/p>\n<\/td>\n<td width=\"284\">Recommendations for setting storage account policies.<\/td>\n<td width=\"132\">\n<p style=\"text-align: center\">7<\/p>\n<\/td>\n<\/tr>\n<tr>\n<td width=\"208\">\n<p style=\"text-align: center\">Azure SQL Services<\/p>\n<\/td>\n<td width=\"284\">Recommendations for securing Azure SQL Servers.<\/td>\n<td width=\"132\">\n<p style=\"text-align: center\">8<\/p>\n<\/td>\n<\/tr>\n<tr>\n<td width=\"208\">\n<p style=\"text-align: center\">Azure SQL Databases<\/p>\n<\/td>\n<td width=\"284\">Recommendations for securing Azure SQL Databases.<\/td>\n<td width=\"132\">\n<p style=\"text-align: center\">8<\/p>\n<\/td>\n<\/tr>\n<tr>\n<td width=\"208\">\n<p style=\"text-align: center\">Logging and Monitoring<\/p>\n<\/td>\n<td width=\"284\">Recommendations for setting logging and monitoring policies on your Azure subscriptions.<\/td>\n<td width=\"132\">\n<p style=\"text-align: center\">13<\/p>\n<\/td>\n<\/tr>\n<tr>\n<td width=\"208\">\n<p style=\"text-align: center\">Networking<\/p>\n<\/td>\n<td width=\"284\">Recommendations for securely configuring Azure networking settings and policies.<\/td>\n<td width=\"132\">\n<p style=\"text-align: center\">5<\/p>\n<\/td>\n<\/tr>\n<tr>\n<td width=\"208\">\n<p style=\"text-align: center\">Virtual Machines<\/p>\n<\/td>\n<td width=\"284\">Recommendations for setting security policies for Azure compute services, specifically virtual machines.<\/td>\n<td width=\"132\">\n<p style=\"text-align: center\">6<\/p>\n<\/td>\n<\/tr>\n<tr>\n<td width=\"208\">\n<p style=\"text-align: center\">Other Security Considerations<\/p>\n<\/td>\n<td width=\"284\">Recommendations regarding general security and operational controls, including those related to Azure Key Vault and Resource Locks.<\/td>\n<td width=\"132\">\n<p style=\"text-align: center\">3<\/p>\n<\/td>\n<\/tr>\n<tr>\n<td colspan=\"2\" width=\"492\">\n<p style=\"text-align: center\"><strong>Total Recommendations<\/strong><\/p>\n<\/td>\n<td width=\"132\">\n<p style=\"text-align: center\">92<\/p>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>&nbsp;<\/p>\n<p>Each recommendation contains several sections, including a recommendation identification number, title, and description; level or profile applicability; rationale; instructions for auditing the control; remediation steps; impact of implementing the control; default value; and references. As an example, the first control contained in the benchmark is under the Identity and Access Management section and is titled: <em>1.1 Ensure that multi-factor authentication is enabled for all privileged users (Scored)<\/em>. A control is marked as \u201cScored\u201d or \u201cNot Scored\u201d based on whether it can be programmatically tested. In this case, recommendation 1.1 can be audited leveraging the <a href=\"https:\/\/graph.microsoft.com\/\">Microsoft Graph<\/a> and PowerShell commandlet. The specific steps for auditing the control are contained in the &#8220;Audit&#8221; section for this specific recommendation. This recommendation is listed as a Level 1 control because it is only applied to Azure administrative users and would not have a company-wide impact or produce less functionality for users. The rationale for recommendation 1.1 is that Azure administrative accounts need to be protected due to their powerful privileges, and with multiple factors for authentication, an attacker would need to compromise at least two different authentication mechanisms, increasing the difficulty of compromise and thus reducing the risk to the Azure tenant.<\/p>\n<p>The benchmark is freely available in PDF format on the <a href=\"https:\/\/www.cisecurity.org\/benchmark\/azure\/\">CIS website<\/a>.<\/p>\n<p>You can also find more information on <a href=\"https:\/\/azure.microsoft.com\/en-us\/services\/security-center\/\">Azure Security Center<\/a> and on <a href=\"https:\/\/azure.microsoft.com\/en-us\/services\/active-directory\/\">Azure Active Directory.<\/a> Both are critical solutions to securely deploying and monitoring Azure workloads and are covered in the new CIS benchmark.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Azure is Microsoft\u2019s cloud computing environment. It offers customers three primary service delivery models including infrastructure as a service (IaaS), platform as a service (PaaS), and software as a service (SaaS). Adopting cloud technologies requires a shared responsibility model for security, with Microsoft responsible for certain controls and the customer others, depending on the service [&hellip;]<\/p>\n","protected":false},"author":61,"featured_media":80039,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"ms_queue_id":[],"ep_exclude_from_search":false,"_classifai_error":"","_classifai_text_to_speech_error":"","footnotes":""},"content-type":[3659],"topic":[3667,3673],"products":[3690,3692,3696],"threat-intelligence":[],"tags":[3742],"coauthors":[1916],"class_list":["post-80234","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","content-type-best-practices","topic-cloud-security","topic-identity-and-access-management","products-microsoft-defender","products-microsoft-defender-for-cloud-apps","products-microsoft-defender-for-identity","tag-azure"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v24.7 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Best practices for securely moving workloads to Microsoft Azure | Microsoft Security Blog<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/02\/26\/best-practices-for-securely-moving-workloads-to-microsoft-azure\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Best practices for securely moving workloads to Microsoft Azure | Microsoft Security Blog\" \/>\n<meta property=\"og:description\" content=\"Azure is Microsoft\u2019s cloud computing environment. It offers customers three primary service delivery models including infrastructure as a service (IaaS), platform as a service (PaaS), and software as a service (SaaS). Adopting cloud technologies requires a shared responsibility model for security, with Microsoft responsible for certain controls and the customer others, depending on the service [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/02\/26\/best-practices-for-securely-moving-workloads-to-microsoft-azure\/\" \/>\n<meta property=\"og:site_name\" content=\"Microsoft Security Blog\" \/>\n<meta property=\"article:published_time\" content=\"2018-02-26T17:00:04+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-05-26T22:21:28+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/01\/EMS_Cloud_5-300x168.png\" \/>\n\t<meta property=\"og:image:width\" content=\"300\" \/>\n\t<meta property=\"og:image:height\" content=\"168\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Microsoft Security Team\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Microsoft Security Team\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/02\/26\/best-practices-for-securely-moving-workloads-to-microsoft-azure\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/02\/26\/best-practices-for-securely-moving-workloads-to-microsoft-azure\/\"},\"author\":[{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/author\/microsoft-secure-blog-staff\/\",\"@type\":\"Person\",\"@name\":\"Microsoft Security Team\"}],\"headline\":\"Best practices for securely moving workloads to Microsoft Azure\",\"datePublished\":\"2018-02-26T17:00:04+00:00\",\"dateModified\":\"2023-05-26T22:21:28+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/02\/26\/best-practices-for-securely-moving-workloads-to-microsoft-azure\/\"},\"wordCount\":686,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/02\/26\/best-practices-for-securely-moving-workloads-to-microsoft-azure\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/01\/EMS_Cloud_5-300x168.png\",\"keywords\":[\"Azure\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/02\/26\/best-practices-for-securely-moving-workloads-to-microsoft-azure\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/02\/26\/best-practices-for-securely-moving-workloads-to-microsoft-azure\/\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/02\/26\/best-practices-for-securely-moving-workloads-to-microsoft-azure\/\",\"name\":\"Best practices for securely moving workloads to Microsoft Azure | Microsoft Security Blog\",\"isPartOf\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/02\/26\/best-practices-for-securely-moving-workloads-to-microsoft-azure\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/02\/26\/best-practices-for-securely-moving-workloads-to-microsoft-azure\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/01\/EMS_Cloud_5-300x168.png\",\"datePublished\":\"2018-02-26T17:00:04+00:00\",\"dateModified\":\"2023-05-26T22:21:28+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/02\/26\/best-practices-for-securely-moving-workloads-to-microsoft-azure\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/02\/26\/best-practices-for-securely-moving-workloads-to-microsoft-azure\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/02\/26\/best-practices-for-securely-moving-workloads-to-microsoft-azure\/#primaryimage\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/01\/EMS_Cloud_5-300x168.png\",\"contentUrl\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/01\/EMS_Cloud_5-300x168.png\",\"width\":300,\"height\":168},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/02\/26\/best-practices-for-securely-moving-workloads-to-microsoft-azure\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Best practices for securely moving workloads to Microsoft Azure\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#website\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/\",\"name\":\"Microsoft Security Blog\",\"description\":\"Expert coverage of cybersecurity topics\",\"publisher\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization\",\"name\":\"Microsoft Security Blog\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/08\/cropped-cropped-microsoft_logo_element.png\",\"contentUrl\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/08\/cropped-cropped-microsoft_logo_element.png\",\"width\":512,\"height\":512,\"caption\":\"Microsoft Security Blog\"},\"image\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#\/schema\/logo\/image\/\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Best practices for securely moving workloads to Microsoft Azure | Microsoft Security Blog","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/02\/26\/best-practices-for-securely-moving-workloads-to-microsoft-azure\/","og_locale":"en_US","og_type":"article","og_title":"Best practices for securely moving workloads to Microsoft Azure | Microsoft Security Blog","og_description":"Azure is Microsoft\u2019s cloud computing environment. It offers customers three primary service delivery models including infrastructure as a service (IaaS), platform as a service (PaaS), and software as a service (SaaS). Adopting cloud technologies requires a shared responsibility model for security, with Microsoft responsible for certain controls and the customer others, depending on the service [&hellip;]","og_url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/02\/26\/best-practices-for-securely-moving-workloads-to-microsoft-azure\/","og_site_name":"Microsoft Security Blog","article_published_time":"2018-02-26T17:00:04+00:00","article_modified_time":"2023-05-26T22:21:28+00:00","og_image":[{"width":300,"height":168,"url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/01\/EMS_Cloud_5-300x168.png","type":"image\/png"}],"author":"Microsoft Security Team","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Microsoft Security Team","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/02\/26\/best-practices-for-securely-moving-workloads-to-microsoft-azure\/#article","isPartOf":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/02\/26\/best-practices-for-securely-moving-workloads-to-microsoft-azure\/"},"author":[{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/author\/microsoft-secure-blog-staff\/","@type":"Person","@name":"Microsoft Security Team"}],"headline":"Best practices for securely moving workloads to Microsoft Azure","datePublished":"2018-02-26T17:00:04+00:00","dateModified":"2023-05-26T22:21:28+00:00","mainEntityOfPage":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/02\/26\/best-practices-for-securely-moving-workloads-to-microsoft-azure\/"},"wordCount":686,"commentCount":0,"publisher":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization"},"image":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/02\/26\/best-practices-for-securely-moving-workloads-to-microsoft-azure\/#primaryimage"},"thumbnailUrl":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/01\/EMS_Cloud_5-300x168.png","keywords":["Azure"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/02\/26\/best-practices-for-securely-moving-workloads-to-microsoft-azure\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/02\/26\/best-practices-for-securely-moving-workloads-to-microsoft-azure\/","url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/02\/26\/best-practices-for-securely-moving-workloads-to-microsoft-azure\/","name":"Best practices for securely moving workloads to Microsoft Azure | Microsoft Security Blog","isPartOf":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/02\/26\/best-practices-for-securely-moving-workloads-to-microsoft-azure\/#primaryimage"},"image":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/02\/26\/best-practices-for-securely-moving-workloads-to-microsoft-azure\/#primaryimage"},"thumbnailUrl":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/01\/EMS_Cloud_5-300x168.png","datePublished":"2018-02-26T17:00:04+00:00","dateModified":"2023-05-26T22:21:28+00:00","breadcrumb":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/02\/26\/best-practices-for-securely-moving-workloads-to-microsoft-azure\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/02\/26\/best-practices-for-securely-moving-workloads-to-microsoft-azure\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/02\/26\/best-practices-for-securely-moving-workloads-to-microsoft-azure\/#primaryimage","url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/01\/EMS_Cloud_5-300x168.png","contentUrl":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/01\/EMS_Cloud_5-300x168.png","width":300,"height":168},{"@type":"BreadcrumbList","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/02\/26\/best-practices-for-securely-moving-workloads-to-microsoft-azure\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/"},{"@type":"ListItem","position":2,"name":"Best practices for securely moving workloads to Microsoft Azure"}]},{"@type":"WebSite","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#website","url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/","name":"Microsoft Security Blog","description":"Expert coverage of cybersecurity topics","publisher":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization","name":"Microsoft Security Blog","url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/08\/cropped-cropped-microsoft_logo_element.png","contentUrl":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/08\/cropped-cropped-microsoft_logo_element.png","width":512,"height":512,"caption":"Microsoft Security Blog"},"image":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#\/schema\/logo\/image\/"}}]}},"msxcm_display_generated_audio":false,"distributor_meta":false,"distributor_terms":false,"distributor_media":false,"distributor_original_site_name":"Microsoft Security Blog","distributor_original_site_url":"https:\/\/www.microsoft.com\/en-us\/security\/blog","push-errors":false,"_links":{"self":[{"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/posts\/80234","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/users\/61"}],"replies":[{"embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/comments?post=80234"}],"version-history":[{"count":0,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/posts\/80234\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/media\/80039"}],"wp:attachment":[{"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/media?parent=80234"}],"wp:term":[{"taxonomy":"content-type","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/content-type?post=80234"},{"taxonomy":"topic","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/topic?post=80234"},{"taxonomy":"products","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/products?post=80234"},{"taxonomy":"threat-intelligence","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/threat-intelligence?post=80234"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/tags?post=80234"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/coauthors?post=80234"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}