Is there a holistic way to secure my Azure app services and function apps? #M365AMA

In this episode, the #M365AMA panel discusses the following community question:

“I’m looking for a holistic approach to secure my azure backends like app services and function apps. By secure, I mean control what can talk to these services and how. I looked into securing backend services with API-M but that that doesn’t prevent me from going directly to the backend (around API-M)”

Check out the discussion here:

 

Participating in this discussion were:

Some comments and relevant links shared by the team:

  • Need to understand the deployment scenario and why this is an issue. Are APIs being presented externally? Want to block internal access for compliance/security reasons? API management provides a means to secure the APIs and control access. The backend APIs may still be accessible to services/connections unless the resources are secured separately.
  • Protect the API backend – https://docs.microsoft.com/en-us/azure/api-management/transform-api 

Christian Buckley

Christian is a Microsoft Regional Director and M365 Apps & Services MVP, and an award-winning product marketer and technology evangelist, based in Silicon Slopes (Lehi), Utah. He is a startup advisor and investor, and an independent consultant providing fractional marketing and channel development services for Microsoft partners. He hosts the weekly #CollabTalk Podcast, weekly #ProjectFailureFiles series, monthly Guardians of M365 Governance (#GoM365gov) series, and the Microsoft 365 Ask-Me-Anything (#M365AMA) series.