You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/virtual-desktop/security-guide.md
+6-6Lines changed: 6 additions & 6 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -4,7 +4,7 @@ titleSuffix: Azure
4
4
description: Best practices for keeping your Azure Virtual Desktop environment secure.
5
5
author: heidilohr
6
6
ms.topic: conceptual
7
-
ms.date: 12/15/2020
7
+
ms.date: 01/11/2022
8
8
ms.author: helohr
9
9
ms.service: virtual-desktop
10
10
manager: femila
@@ -52,11 +52,11 @@ We recommend enabling Microsoft Defender for Cloud's enhanced security features
52
52
- Assess compliance with common frameworks like PCI.
53
53
- Strengthen the overall security of your environment.
54
54
55
-
To learn more, see [Enable enhanced security features](../security-center/enable-enhanced-security.md).
55
+
To learn more, see [Enable enhanced security features](../defender-for-cloud/enable-enhanced-security.md).
56
56
57
57
### Improve your Secure Score
58
58
59
-
Secure Score provides recommendations and best practice advice for improving your overall security. These recommendations are prioritized to help you pick which ones are most important, and the Quick Fix options help you address potential vulnerabilities quickly. These recommendations also update over time, keeping you up to date on the best ways to maintain your environment’s security. To learn more, see [Improve your Secure Score in Microsoft Defender for Cloud](../security-center/secure-score-security-controls.md).
59
+
Secure Score provides recommendations and best practice advice for improving your overall security. These recommendations are prioritized to help you pick which ones are most important, and the Quick Fix options help you address potential vulnerabilities quickly. These recommendations also update over time, keeping you up to date on the best ways to maintain your environment’s security. To learn more, see [Improve your Secure Score in Microsoft Defender for Cloud](../defender-for-cloud/secure-score-security-controls.md).
60
60
61
61
## Azure Virtual Desktop security best practices
62
62
@@ -101,11 +101,11 @@ For profile solutions like FSLogix or other solutions that mount VHD files, we r
101
101
102
102
### Install an endpoint detection and response product
103
103
104
-
We recommend you install an endpoint detection and response (EDR) product to provide advanced detection and response capabilities. For server operating systems with [Microsoft Defender for Cloud](../security-center/security-center-services.md) enabled, installing an EDR product will deploy Defender ATP. For client operating systems, you can deploy [Defender ATP](/windows/security/threat-protection/microsoft-defender-atp/onboarding) or a third-party product to those endpoints.
104
+
We recommend you install an endpoint detection and response (EDR) product to provide advanced detection and response capabilities. For server operating systems with [Microsoft Defender for Cloud](../defender-for-cloud/integration-defender-for-endpoint.md) enabled, installing an EDR product will deploy Microsoft Defender for Endpoint. For client operating systems, you can deploy [Microsoft Defender for Endpoint](/windows/security/threat-protection/microsoft-defender-atp/onboarding) or a third-party product to those endpoints.
105
105
106
106
### Enable threat and vulnerability management assessments
107
107
108
-
Identifying software vulnerabilities that exist in operating systems and applications is critical to keeping your environment secure. Microsoft Defender for Cloud can help you identify problem spots through vulnerability assessments for server operating systems. You can also use Defender ATP, which provides threat and vulnerability management for desktop operating systems. You can also use third-party products if you're so inclined, although we recommend using Microsoft Defender for Cloud and Defender ATP.
108
+
Identifying software vulnerabilities that exist in operating systems and applications is critical to keeping your environment secure. Microsoft Defender for Cloud can help you identify problem spots through [Microsoft Defender for Endpoint's threat and vulnerability management solution](../defender-for-cloud/deploy-vulnerability-assessment-tvm.md). You can also use third-party products if you're so inclined, although we recommend using Microsoft Defender for Cloud and Microsoft Defender for Endpoint.
109
109
110
110
### Patch software vulnerabilities in your environment
111
111
@@ -139,7 +139,7 @@ By restricting operating system capabilities, you can strengthen the security of
139
139
140
140
- Restrict Windows Explorer access by hiding local and remote drive mappings. This prevents users from discovering unwanted information about system configuration and users.
141
141
142
-
- Avoid direct RDP access to session hosts in your environment. If you need direct RDP access for administration or troubleshooting, enable [just-in-time](../security-center/security-center-just-in-time.md) access to limit the potential attack surface on a session host.
142
+
- Avoid direct RDP access to session hosts in your environment. If you need direct RDP access for administration or troubleshooting, enable [just-in-time](../defender-for-cloud/just-in-time-access-usage.md) access to limit the potential attack surface on a session host.
143
143
144
144
- Grant users limited permissions when they access local and remote file systems. You can restrict permissions by making sure your local and remote file systems use access control lists with least privilege. This way, users can only access what they need and can't change or delete critical resources.
0 commit comments