Risk Level: Low
Description:
The security contact phone number is configured with this plugin. Setting security contacts guarantees that any security issues discovered by Azure are forwarded to a security team that is capable of dealing with the situation.
Recommended Action: Ensure that phone notifications are configured for the subscription from the Security Center.
About the Service :
Microsoft Azure Security Center is a collection of tools for monitoring and managing the security of virtual machines and other cloud computing resources in Microsoft's public cloud. The Azure Security Center is accessed through the Azure management interface by administrators. Policy Configuration, Data Collection, Recommendation, Alerts, etc. features are some of the most important elements of Azure Security Center.
Impact:
If there is no valid security contact phone number for each Microsoft Azure subscription that you own, Security Center will not be able to reach out to you if it identifies any breaches or compromises in your Aure Cloud resources.
Steps to reproduce ( Using Azure CLI ):
- Sign in to your Azure CLI.
- Run the following command to describe current security configurations:
az security contact list
- If there is no security contact phone number defined, then security contact using phone number configuration in the Azure Security Center configuration settings is not available for the selected Microsoft Azure subscription.
- Repeat step no. 2-3 for each Microsoft Azure subscription available in your account.
Steps for remediation :
- Sign in to your Azure CLI.
- Type the following command to set up phone contact for security alerts in your Microsoft Azure subscription:
az security contact create -n "<alert_user_name>" --email '<your_email>' --phone '<your_contact_number>' --alert-notifications 'on' --alerts-admins 'on'
- Replace the values of -n attribute with name, –email from email address obtained from running the az security contact list command from steps to reproduce.
- Repeat steps no. 2 and 3 to reconfigure each Microsoft Azure subscription that is misconfigured in your account.
References:
- https://docs.microsoft.com/en-us/azure/security-center/security-center-provide-security-contact-details
- https://azure.microsoft.com/mediahandler/files/resourcefiles/cis-microsoft-azure-foundations-security-benchmark/CIS_Microsoft_Azure_Foundations_Benchmark_v1.0.0.pdf
Please feel free to reach out to support@pingsafe.ai with any questions that you may have.
Thanks
PingSafe Support