1. Home
  2. Training Library
  3. Microsoft Azure
  4. Courses
  5. Managing Azure Data Protection and Security Compliance

Configuring a security policy

Start course
Duration1h 12m



As companies race toward the cloud, it’s imperative that IT professionals keep up with the times. Keeping up with the times means maintaining the ability to deploy and maintain cloud-based solutions – particularly those offered through Microsoft Azure.

In this course, you will learn how to create and manage encryption keys in Azure, prevent and respond to security threats to Azure resources, configure access to Azure applications via single sign-on, manage access to Azure applications, and configure federation with public consumer identity providers like Facebook and Google. 

Learning Objectives

  • Create and import keys in the Azure Key Vault
  • Define, configure, and assess security policies
  • Harden Azure resources against threats
  • Configure single sign-on for SaaS applications
  • Configure federation with public consumer identity providers like Facebook and Google

 Intended Audience

  • People interested in becoming Azure security engineers 


  • General knowledge of IT infrastructure
  • General knowledge of the Azure environment






- [Instructor] Although security center automatically creates a default security policy for each of your Azure subscriptions, you will often find that you need to specially configure certain aspects of your policy. The ability to make changes to the default security policy requires you to be an owner, contributor, or a security administrator of the Azure subscription. To configure a security policy, login to the Azure portal and click on security center in the left pane. 

From the main menu, click security policy, which is located under policy and compliance. From there, select the subscription that you want to manage. Under policy components, select security policy. From the list of available options, toggle the switch to on for any security configurations that you wish to monitor. Toggle the switch to off for any configurations that you're not interested in. So as you can see here, we have everything turned on. 

We're not using any sequel in our environment. So let's turn off sequel-related configurations here. And then after making the selections, just click save. Security center will assess the configuration of your environment on a continuous basis, and when a vulnerability is detected, security recommendations will be generated. Now some configurations, including system updates and OS configurations, can take up to 12 hours to actually generate recommendations. 

However, other configurations, such as network security groups and encryption configurations are typically addressed pretty quickly. As recommendations become available in the security center dashboard, you could begin assessing the security of those resources.

About the Author


Tom is a 25+ year veteran of the IT industry, having worked in environments as large as 40k seats and as small as 50 seats. Throughout the course of a long an interesting career, he has built an in-depth skillset that spans numerous IT disciplines. Tom has designed and architected small, large, and global IT solutions.

In addition to the Cloud Platform and Infrastructure MCSE certification, Tom also carries several other Microsoft certifications. His ability to see things from a strategic perspective allows Tom to architect solutions that closely align with business needs.

In his spare time, Tom enjoys camping, fishing, and playing poker.