You’ve painstakingly architected your Sitecore 9 installation on
Sitecore comes with two standard cloud deployment models: Infrastructure-as-a-Service (IaaS) utilizing virtual machines, and Platform-as-a-Service (PaaS), utilizing Azure’s “ready made” environment. Like IaaS, PaaS includes infrastructure - servers, storage, and networking - but also middleware, development tools and database management systems.
Currently, deploying Sitecore XP to an Azure PaaS environment is a popular option. Here we attempt to boil down the key Sitecore PaaS security checks you should be executing.
Sitecore 9 PaaS deployments via an Azure Marketplace ARM (Azure Resource Manager) template come with some level of security by default. For example, the Sitecore roles use SSL with client certificate validation to communicate with each other, and the certificate validation process requires the setup of a secure client certificate as part of any Azure installation.
The Azure Marketplace ARM template also requires strong passwords for all databases, and Azure SQL server only allows connections from Azure IPs, making it somewhat harder to compromise. The Azure SQL password policy is:
Remember that if you are downloading and configuring your own custom Quick Start template, it is important to make sure you are utilizing as much basic security as possible.
In addition to the above, using the Azure Marketplace ARM template and associated Sitecore WebDeploy packages (WDPs) will provide you with the following security hardening measures:
xConnect Role Secured via SSL Client Certificate
The xConnect server roles support an additional layer of security, known as SSL Client Certificate Authentication. The xConnect web services use server-to-server communication and are non-interactive. This means the client certificate allows Content Management and other server roles to connect securely to Web API services using a client certificate and a pre-shared key, or thumbprint.
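A configuration check for the thumbprint pinning described above, as an added example that is not part of the original article or of Sitecore's tooling. It assumes the Sitecore 9 default names (`validateCertificateThumbprint` in the xConnect AppSettings.config and the `*.certificate` connection strings on the client role); the thumbprints and file contents are constructed.

```python
import re
import xml.etree.ElementTree as ET

# Constructed samples: names follow Sitecore 9 defaults, thumbprints are made up.
XCONNECT_APPSETTINGS = """<appSettings>
  <add key="validateCertificateThumbprint" value="A1B2C3D4E5F60718293A4B5C6D7E8F9001122334" />
</appSettings>"""

CM_CONNECTION_STRINGS = """<connectionStrings>
  <add name="xconnect.collection" connectionString="https://xc.example.invalid" />
  <add name="xconnect.collection.certificate" connectionString="StoreName=My;StoreLocation=CurrentUser;FindType=FindByThumbprint;FindValue=&#x200E;a1b2c3d4e5f60718293a4b5c6d7e8f9001122334" />
  <add name="xdb.referencedata.client.certificate" connectionString="StoreName=My;StoreLocation=CurrentUser;FindType=FindByThumbprint;FindValue=FFFFC3D4E5F60718293A4B5C6D7E8F9001122334" />
  <add name="xdb.marketingautomation.operations.client.certificate" connectionString="StoreName=My;StoreLocation=CurrentUser;FindType=FindBySubjectName;FindValue=xconnect-client" />
</connectionStrings>"""

NON_HEX = re.compile(r"[^0-9A-Fa-f]")

def parse_connection_string(value):
    """Split 'k=v;k=v' into a dict with lower-cased keys."""
    pairs = (item.split("=", 1) for item in value.split(";") if "=" in item)
    return {key.strip().lower(): val for key, val in pairs}

def audit_thumbprints(appsettings_xml, connection_strings_xml):
    """Return {connection string name: [findings]} for the *.certificate entries."""
    server = ET.fromstring(appsettings_xml).find("add[@key='validateCertificateThumbprint']")
    expected = NON_HEX.sub("", server.get("value")).upper()
    report = {}
    for node in ET.fromstring(connection_strings_xml).findall("add"):
        name = node.get("name")
        if not name.endswith(".certificate"):
            continue
        fields = parse_connection_string(node.get("connectionString"))
        raw = fields.get("findvalue", "")
        findings = []
        if fields.get("findtype", "").lower() != "findbythumbprint":
            findings.append("certificate not selected by thumbprint; cannot compare")
        else:
            # Invisible characters are a common copy-paste artefact from certificate dialogs.
            if NON_HEX.search(raw):
                findings.append("non-hex characters in thumbprint")
            if NON_HEX.sub("", raw).upper() != expected:
                findings.append("does not match the thumbprint the server validates")
        report[name] = findings
    return report

if __name__ == "__main__":
    for name, findings in audit_thumbprints(XCONNECT_APPSETTINGS, CM_CONNECTION_STRINGS).items():
        print(name, "->", findings or ["ok"])
```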
Database Firewall Enabled
Following standard Azure operating procedure, when the new Azure SQL instance is created, the database firewall is set up to block all access to the public endpoint for the server.
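To check what the database firewall actually permits after deployment, the rules can be exported and classified. The following is an added example, not code from the article or the ARM template: it assumes the JSON shape produced by `az sql server firewall-rule list -o json`, the sample rules are constructed, and the 256-address threshold is an arbitrary assumption.

```python
import ipaddress
import json

# Constructed sample in the shape `az sql server firewall-rule list -o json` returns.
SAMPLE_RULES = json.dumps([
    {"name": "AllowAllWindowsAzureIps", "startIpAddress": "0.0.0.0", "endIpAddress": "0.0.0.0"},
    {"name": "office", "startIpAddress": "203.0.113.10", "endIpAddress": "203.0.113.10"},
    {"name": "temp-debug", "startIpAddress": "0.0.0.0", "endIpAddress": "255.255.255.255"},
    {"name": "vendor", "startIpAddress": "198.51.100.0", "endIpAddress": "198.51.103.255"},
])

def classify_rule(rule, max_span=256):
    """Classify one Azure SQL server-level firewall rule by how much it exposes."""
    start = int(ipaddress.IPv4Address(rule["startIpAddress"]))
    end = int(ipaddress.IPv4Address(rule["endIpAddress"]))
    if end < start:
        return "invalid"
    if start == 0 and end == 0:
        # The "Allow Azure services" switch: admits any Azure-hosted source,
        # including resources in other customers' subscriptions.
        return "azure-services"
    span = end - start + 1
    if span >= 2 ** 32:
        return "open-to-internet"
    if span > max_span:  # max_span is an assumed review threshold
        return "wide-range"
    return "ok"

def audit_firewall_rules(rules_json, max_span=256):
    """Return {rule name: verdict} for every rule in the exported JSON."""
    return {r["name"]: classify_rule(r, max_span) for r in json.loads(rules_json)}

if __name__ == "__main__":
    for name, verdict in audit_firewall_rules(SAMPLE_RULES).items():
        print(f"{name:28} {verdict}")
```

An `azure-services` verdict is what the "only allows connections from Azure IPs" default looks like in the rule list, so it is worth deciding whether that breadth is acceptable or whether explicit outbound IP rules should replace it.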
Azure Search & Redis Require API keys
Azure Search and Redis require API keys which are generated and set by the template.
While one size doesn’t fit all when hardening unique PaaS installations, there are a few basic additional hardening steps that users would be advised to take, or to check are covered by whichever ARM deployment technique they use. The following is not an exhaustive list; refer to the official security tasks documentation to review all steps to consider.
The Azure platform comes with a suite of strong security and audit tools which help make it possible to create secure Sitecore solutions on the secure Azure PaaS platform. The following tools can be enabled (with the right subscription level) in Azure to provide confidentiality, integrity, and availability of customer data, while also enabling transparent accountability:
Azure Security Center is a unified infrastructure security management system that strengthens the security posture of your data centers, and provides advanced threat protection across your hybrid workloads in the cloud.
Azure Monitor maximizes the availability and performance of your applications and services by delivering a comprehensive solution for collecting, analyzing, and acting on telemetry from your cloud and on-premises environments.
Application Insights is an extensible Application Performance Management (APM) service for web developers. Application Insights can be used to monitor a live Sitecore application and automatically detect performance anomalies. It also includes powerful analytics tools to help diagnose errors and issues.
Now comes the part many don’t want to hear. You need policies. It may put a bad taste in some mouths, but policies can be helpful when done for the right reasons.
Where security is a key component of your website, standard IT and development policies and clear documentation are essential. For example, when operating in a cloud environment where elasticity can be used to scale out services, written policies and procedures handling scalability thresholds and monitoring processes will help make things much easier over time and satisfy a large number of standard compliance demands.
There is also no shortcut to executing standard routines around reviewing official security documentation and update notifications. Take time to regularly review and subscribe to Sitecore security bulletins and plan for a thorough analysis of the official Sitecore security guide and Azure security documentation.
CMS software can be complex, no matter how tech savvy you are. Sitecore is no different, and implementing a best-practice secure PaaS installation can require help from the experts. The tips above will help you secure your Sitecore 9 XP PaaS installation, but it’s okay if you need some personalized help to make sure your application and underlying cloud architecture are as safe as possible.
Get in touch with Engine Room if you’d like us to take a look at your installation and make sure it’s as secure as it can be. We can’t wait to work with you.