Digital Transformation Project – Big4
This was the most recent digital transformation project that I worked on for a member firm of one of the leading Big Four organizations. It was a really fascinating project because the primary deliverable of the project was the transformation of applications to Azure, but we also covered all areas of security in depth; some of them are captured here:
Management group hierarchy meets organizational compliance and privacy requirements
Defined different administrative roles and applied them across all subscriptions (RBAC)
Determined the right deployment model (manual, policy, or IaC with Automations API, etc.)
Enabled Defender, triggering the registration of the Microsoft Security resource provider via policy
Enable Defender for Servers (P1 or P2), RG and default workspace created in subscription region
Onboard Arc agent for non-Azure VMs, Arc-less method in preview
Install onboarding package (enable MDAV / MDE), start with a pilot ring.
Deploy Azure Monitor Agent, Arc Agent, Qualys Agent, or Guest Configuration agent via policy
Enable Defender for Servers on the Log Analytics Workspace. Workspace auto-created per location
More than 1 month retention of logs required in ALA? CSPM auditing or visualisation requirements?
SIEM connector for alert visibility?
GCP or AWS connector?
Automation (logic app) for alerts received
Method of install and management (auto-provision, SCCM, Chef, GPO, Intune (MEM), MDE-attach)
Network requirements, proxy, private link?
Endpoint update strategy for Microsoft update
Endpoint configuration (passive mode, exclusions)?
Portal config (live response, block mode, etc.)
I emailed the key project stakeholders to let them know what aspects of the project I could discuss on my personal portfolio website and what information I could disclose. Based on their feedback, this section will be revised; until then, please stay tuned. Thank you.