The goal of cyber security standards is to improve the security of information technology (IT) systems, networks, and critical infrastructures. A cyber security standard defines both functional and assurance requirements within a product, system, process, or technology environment. A standard must address user needs, but must also be practical since cost and technological limitations must be considered in building products to meet the standard. Additionally, a standard’s requirements must be verifiable; otherwise, users cannot assess security even when products are tested against the standard.
Many organizations' security needs are driven by compliance requirements. Azure Security Center measures compliance against the following:
| Standard | Author | Description |
| --- | --- | --- |
| Azure CIS 1.1.0 | Center for Internet Security | Set of security controls published by the Center for Internet Security |
| PCI DSS 3.2.1 | Payment Card Industry Standards Council | Standards required for organizations that manage payment card data |
| ISO 27001 | International Standards Organization | Set of security controls for information security systems. Standard 27017 is cloud computing specific. |
| NIST 800-53 | National Institute of Standards and Technology | Security and Privacy Controls for Federal Information Systems and Organizations. |
Our proposal: let us manage your security compliance!
Managed Azure Security Services