Portable Computers
Any laptops which are being used within the company cannot be left unattended. Appropriate measures to safeguard your laptop should be implemented, including locking computers. Passwords to access such laptops should be no less than 10 characters and should contain a mix of Uppercase, Lowercase characters, a special character and a number. Fingerprint or Face recognition are also allowed to gain access to a laptop.
Any portable media which have confidential data should should be be safely secured in a lockable place. All backups should be stored on devices which are also password protected.
Remote Printing
No printers should be left unattended when when printing or soon printing confidential data through remote printing. All users should make sure that when printing such data the user is near the printer, so that these documents are taken away immediately.
Only when the printer is physically protected can such remote printing be done.
Data and Program Backups
Software backups should only be done on approved ShowsHappening NAS storages which are password protected. Critical web applications should also be backed daily in Azure, using Azure’s main backup functionality . The person creating the backup is responsible to ensure that the backups are valid, but periodically loading such backups to ensure they are valid.
Database Vulnerability Assessment and Advanced Threat Protection
Appropriate Database Vulnerability Assessment tools should be used to Safeguard all databases. In the case of Azure databases Microsoft Defender for SQL should be turned on to ensure that the database is protected for vulnerabilities and threats.
Database audits
Database auditing should be turned on ShowsHappening main database. In the case where Azure is being used to host databases Azure Auditing should be turned on to audit all database evebts. This audit should be stored in Blob containers which are safeguarded through access keys as defined in this network policy document.
Security Monitoring
Diagnostic logs are enabled on Microsoft Azure apps, and Microsoft Defender for the Cloud is enabled throughout our Azure subscription providing useful insights on any security issues, or vulnerabilities in our apps.