Learn about Azure security best practices to protect your customers 

As a partner of the Cloud Solution Provider (CSP) program, it is important to develop awareness actions about the use of Azure with customers, so that together, we can take immediate measures and thus determine if the observed behavior is aligned with the legitimacy and reason for using this license. From Microsoft, we want to support you and share some measures that can help you as a partner, mitigate these situations with your customers.  

What to do when you receive a notification? 

Review the following tips below so that you can support your customers: 

•  Check Azure subscriptions and, if they are legitimate, call the API to update the status correctly. For more information, see the notification Azure fraud alert: update fraud events status. 
• You should keep an eye out for any other Azure resources or services that have been provisioned unexpectedly in the last week. Suspend suspicious Azure resources or Azure subscriptions. 
• As a precaution, we recommend that all global administrators of the client's "tenant" immediately change their passwords if they have not already done so. 
• Scan and check all global admin user password recovery emails and phone numbers within Azure AD and update them if necessary. 
• Follow the security of the Partner Center requirements to enable multi-factor authentication for all users of the CSP partner's "tenant". 

• Verify which users, "tenants" and subscriptions are at risk within the Azure Portal. 

For more information, check the recommended cloud solution provider security procedures to mitigate potential security risks within the CSP associate account. 

Step by step: How to receive notifications? 

You can subscribe to different types of partner notifications based on roles, including a fraud event alert that lets you know you when the client's Azure subscription shows possible crypto mining activity in a 30-day period. The following steps show how to set up email notifications: 

1. Log in to the Partner Center dashboard. 
2. Select the Settings icon, and then, select My preferences. 
3. Set up a preferred email address if you haven't already. 
4. Set the preferred language for the notification if you haven't already done so. 
5. Select Security in Notification preferences. 
6. Select the fraud event alerts. 
7. Select the daily summary of events option of fraud to receive a daily summary of unresolved fraud events at the CSP tenant. 
8. Select Save. 

For more information, visit: Azure Fraud Notification and Detection - Partner Center | Microsoft Docs 

Related posts