This post has been republished via RSS; it originally appeared at: New blog articles in Microsoft Community Hub.
Settings Recommended for MCT Azure Resources
Microsoft Community Training is an online learning environment powered by Azure. Microsoft Community Training platform is installed and deployed on your Azure subscription. Please check my previous post on MCT: MCT Installation, MCT troubleshoot Guide, Content management in MCT. Customers can optimize their use of Azure resources by following a few security settings that Microsoft Community Training suggests.
Recommended settings for MCT Azure Resources after MCT Installation:
Public access for blob should be disabled.
- Go to the storage account of your MCT instance by searching for it in the search box present in home page.
2. In the storage account page, under settings click on configuration.
3. In configuration, ensure that blob public access is disabled.
Soft delete and purge protection
- Go to the key-vault of your MCT instance.
- In the left menu, under settings click on properties.
- Ensure that soft delete and purge protection is enabled.
1. Enable Microsoft defender for cloud
a. Navigate to the SQL server page by searching for the SQL server name in the search bar present on home page.
b. In the left menu, under security click on Microsoft defender for cloud.
c. Ensure that the enablement status shows as enabled.
2. Have admin for SQL server AD
a. Navigate to the SQL server page.
b. In the left menu, under settings click on Azure active directory.
c. Ensure that there is an Azure active directory admin.
1. Go to the app service and in the left menu, under settings.
2. Click on configuration.
a. Ensure that FTP is set to FTPS only.
b. Scroll down and set HTTPS only to 'ON'.
c. TLS version should be 1.2.
The Microsoft Community Training platform supports personalized learning for a large-scale mobile-based community. It is affordable, easy to manage and provides robust security and privacy protection. The user experiences on the platform are optimized for mobile-first and mobile-only users and are kept simple and visual to ease adoption. Users can access courses anytime, anywhere from their choice of devices.
Thank you for reading!