Security and Compliance

No-code/Low-code democratizes software development with little to no coding skills needed. But how do you evaluate if software DIY is the right choice for you?

Open-source software has become an essential part of many organisation's software supply chain, however, this poses challenges with license compliance and security assurance.

When implementing OpenChain, understanding the specification will help guide your organisation to having processes in place to review and manage open-source software

The key risks associated with open-source software, from whether you use it minimally, to using it throughout all your systems.

With much of the modern world is built upon software, organisations need to understand and manage the legal and security risks associated with open-source software.

Signing git commits proves that you are the author of the code you are pushing up to GitHub, and helps protect the integrity of your software supply chain.

Bicep provides a significant improvement in tooling for organisations seeking to deploy infrastructure as code on Microsoft Azure.

Fix the "You need permission" error in Azure Synapse Analytics with this guide, addressing its causes and solutions for Data Engineers/Developers.

Assign roles in Synapse Studio for Azure Synapse Analytics devs using Azure CLI. Accessible by Owners/Contributors of the resource.

Despite the subsequent media reporting, the loss of 16,000 Covid-19 test results at Public Health England wasn't caused by Excel. This post argues that a lack of an appropriate risk and mitigation analysis left the process exposed to human error, which ultimately led to the loss of data and inaccurate reporting. It describes a simple process that could have been applied to prevent the error, and how it will help if you're worried about ensuring quality or reducing risk in your own business, technology or data programmes.

This post quickly runs through the steps for setting up a new Microsoft Authenticator App for a work or school account.

Learn to encrypt data in your app using C# and Azure SDK libraries, and secure keys with Azure Key Vault. Discover the easy setup process in this blog.

Discover a technique for setting up multiple, concurrent authenticated sessions using azure-cli in this post.

Explore why Microsoft's new Spark offering in Azure Synapse Analytics is a game-changer for Azure Databricks investors.

Azure Key Vault safeguards encryption keys & secrets for secure data access. It offers isolated storage, AD integration, RBAC, and access policies.

In this blog we discuss building a secure data solution using Azure Data Lake. Data Lake has many features which enable fine grained security and data separation. It is also built on Azure Storage which enables us to take advantage of all of those features and means that ADLS is still a cost effective storage option!This post runs through some of the great features of ADLS and runs through an example of how we build our solutions using this technology!

Explore how to build secure solutions on Azure using Azure Functions and Managed Identities, eliminating the need for storing credentials.

Explore Azure Policy for proper tagging on resources and enabling tag inheritance from parent resource groups.

Explore Azure Active Directory's key concepts: AAD apps, service principles, managed identities, with setup examples.

We've been helping customers adopt Microsoft Azure since 2010, we have produced a lot of thought leadership to help people think about the steps required, the risk involved and how to plan a successful adoption.

In the third and final part in this series we compare the risk of Azure vs the risk of on-premise data centres, using the Swiss Cheese Risk Model.

Read about how we set up automated backups of our office security camera footage and used Power Automate to alert us if anything went wrong

Explore AWS, Azure, and Google Cloud Platform's offerings for cloud migration. Understand their services for your specific needs.

In the second part of this series, we take a deep dive into the Swiss Cheese Model and show how this type of threat modelling is essential for understanding the risks that adopting Microsoft Azure post your organisation, and how you mitigate them.

In the first part of this series, we look at how you take a strategic look at the risks of adopting Microsoft Azure, and how you report these to C-level execs.

We have produced an insightful booklet called "Embracing Disruption - Financial Services and the Microsoft Cloud" which examines the challenges and opportunities for the Financial Service Industry in the UK, through the lens of Microsoft Azure, Security, Privacy & Data Sovereignty, Data Ingestion, Transformation & Enrichment, Big Compute, Big Data, Insights & Visualisation, Infrastructure, Ops & Support, and the API Economy.

There is a lot of hype about the blockchain - usually wrapped up with talk about Bitcoin and crypto-currencies. In this article, we look at its impact on trust, and auditability in financial services, and why it may (or may not) be appropriate for your solutions.

In this post we review the FCA's guidelines for the adoption of cloud services by FinTech businesses, and help you to understand their impact across the value chain.