Azure Managed Services
Project Hosts provides services that allow a customer to become fully compliant for a deployment on Microsoft Azure: Azure Managed Services, which includes Performance Management, Security Management, and Apps Management, and Documentation and Assessment Management for Custom Compliance, ISO 27001, HIPAA, HITRUST and GDPR.
Project Hosts provides three Azure Managed Services offerings:
- Azure Performance Management
- Azure Security Management
- Azure Access & Application Management
All three service offerings are required in order to implement the full set of various compliance controls for an environment.
Service Details
- Experts in Azure Managed Services
  Rely on our more than 14 years of experience in building, securing and maintaining cloud-based applications. Our team of experts will provide comprehensive Azure Managed Services that include: Azure Performance Management, Azure Security Management, Azure Access & Application Management, and ISO 27001 Compliancy.
- Azure Performance Management
  We ensure your applications and workloads are monitored 24×7, performance optimized and scaled to your organization’s needs, with an appropriate level of backup, archiving and disaster recovery services and testing, and the person-to-person technical support required for your cloud solutions.
- Azure Security Management
  We fully implement the security controls that you require, and ensure conformance to your particular requirements including ISO 27001, GDPR and custom compliance.
- Azure Access & Applications Management
  We set up and manage user access to your applications including SSO (Single Sign On), along with general application management for updates, patches, and web application vulnerability scanning.
- ISO 27001, GDPR, and Custom Compliance Documentation and Assessment Management
  We provide support for gaining custom compliance, ISO 27001, HIPAA, HITRUST and GDPR compliance certification with our Documentation and Assessment Management, and Documentation of Security Controls. This ensures documentation of Security Controls, Procedures, and Implementation Proposals, Self-assessment support, and Third-party assessment management or support.
- Documentation of Security Controls
  To demonstrate compliance with these standards, it is important to have a deep understanding of (i) exactly which aspects of each control are covered by Azure, (ii) how to implement technical solutions for the other controls that integrate seamlessly with the Azure controls, and (iii) what kinds of responses, processes, and evidence will satisfy auditors.
Service Details
1. AZURE PERFORMANCE MANAGEMENT
Project Hosts’ Azure Performance Management services include the following:
- 24/7 performance monitoring and alerts
- Provisioning servers or scaling to larger or smaller servers
- Weekly virtual image backup and restore
- Weekly, daily, hourly database backup and restore
- Managing and testing DR restores in secondary Azure data center
- OS systems administration for Windows and CentOS Linux
- Database administration for MS SQL and MySQL
- 24/7 technical support
- Performance optimization recommendations
2. AZURE SECURITY MANAGEMENT
Project Hosts’ Azure Security Management services include implementing and managing the following:
- ISO 27001 Security Controls
- Azure subnets with their NSG “firewall” access controls
- An Active Directory Domain to manage servers and group policy
- Web Application Proxy (WAP) servers as the controlled front door to the Deployment
- McAfee Host Intrusion Prevention System (HIPS) on every server, and EndPoint Protection centrally managed by ePolicy Orchestrator
- Remote Desktop Gateway servers for secure remote administration
- Logging configuration, collection, alerting, and review
- OS, DB and application software patching
- Project Hosts’ Centralized inventory tracking and alerting system (Admin Center)
- Incident response system with periodic tests
3. AZURE ACCESS & APPLICATION MANAGEMENT
Project Hosts’ Azure Access Management services include implementing and managing the following:
- Single sign-on (SSO) from other authentication systems
- Quarterly web app vulnerability scanning – Monthly cloning of servers in the deployment for scanning (where scanning production servers would cause disruption)
- Coordination with customer to patch web applications or modify configurations
- 24/7 support of applications on Project Hosts’ approved application list
- Project Hosts’ user authorization and administration tool (PH Portal)
4. ISO 27001, GDPR, AND CUSTOM COMPLIANCE DOCUMENTATION AND ASSESSMENT MANAGEMENT
With more than 13 years of expertise in securing Microsoft cloud solutions, the Project Hosts security team understands the exact control responses, technical implementations, and evidence that are required to demonstrate full SaaS compliance with the ISO 27001 and GDPR standards for an environment built on Microsoft Azure IaaS. In some cases, Project Hosts may also implement additional controls required by enterprise customers to address their unique security and privacy needs.
If Project Hosts is providing the Azure Managed Services described above, then a customer may also elect to have Project Hosts provide the following services through its ISMScloud SaaS solution:
- Documentation of Security Controls, Policies, Procedures, and Implementation Proposals
- Third-party assessment Management or Support
5. DOCUMENTATION OF SECURITY CONTROLS
To demonstrate compliance with these standards, it is important to have a deep understanding of (i) exactly which aspects of each control are covered by Azure, (ii) how to implement technical solutions for the other controls that integrate seamlessly with the Azure controls, and (iii) what kinds of responses, processes, and evidence will satisfy auditors.
Project Hosts documents all of the control responses in its ISMSCloud tool. For each ISO 27001 and GDPR control, a technical response is provided that is consistent with the Azure Managed Services that Project Hosts is providing. In addition, many controls link to relevant policies or screenshot evidence of controls actually being in place. This allows third-party auditors to efficiently verify compliance with each control.