Azure / Microsoft 365

Is there a holistic way to secure my Azure app services and function apps? #M365AMA

by Christian Buckley · Published December 14, 2021 · Updated December 11, 2021

In this episode, the #M365AMA panel discusses the following community question:

“I’m looking for a holistic approach to secure my azure backends like app services and function apps. By secure, I mean control what can talk to these services and how. I looked into securing backend services with API-M but that that doesn’t prevent me from going directly to the backend (around API-M)”

Check out the discussion here:

Participating in this discussion were:

Christian Buckley @buckleyplanet
Shari Oswald @shortcutshari
Neil Hodgkinson @nellymo
Mike Nelson @mikenelsonIO
Noah Sparks @noahsparks
Hal Hostetler @TVWizard
Norm Young @stormin_30
Eric Riz @rizinsights

Some comments and relevant links shared by the team:

Need to understand the deployment scenario and why this is an issue. Are APIs being presented externally? Want to block internal access for compliance/security reasons? API management provides a means to secure the APIs and control access. The backend APIs may still be accessible to services/connections unless the resources are secured separately.
Protect the API backend – https://docs.microsoft.com/en-us/azure/api-management/transform-api

Tags: ama ask me anything Office Hours

Christian Buckley

Christian is a Microsoft Regional Director and M365 Apps & Services MVP, and an award-winning product marketer and technology evangelist, based in Silicon Slopes (Lehi), Utah. He sits on the board of TekkiGurus, is an advisor for both revealit.TV and WellnessWits, and provides channel and marketing services for Microsoft partners. He hosts the quarterly #CollabTalk TweetJam, the weekly #CollabTalk Podcast, and the Microsoft 365 Ask-Me-Anything (#M365AMA) series.