Protect data by maintaining visibility and responding quickly to timely security alerts

Auditing and logging of security-related events, and related alerts, are important components in an effective data protection strategy. Security logs and reports provide you with an electronic record of suspicious activities and help you detect patterns that may indicate attempted or successful external penetration of the network, as well as internal attacks. You can use auditing to monitor user activity, document regulatory compliance, perform forensic analysis, and more. Alerts provide immediate notification when security events occur.

21Vianet provides you with configurable security auditing and logging options to help you identify gaps in your security policies and mechanisms and address those gaps to help prevent breaches. To help you manage the large amount of information generated by devices and services running in Microsoft Azure, Microsoft 365, Microsoft Dynamics 365 and Microsoft Power Platform online servicesoperated by 21Vianet, centralized monitoring, logging, and analysis systems are available that provide continuous visibility, timely alerts, and reports. 21Vianet services offer some (and in some cases, all) of the following options: centralized monitoring, logging, and analysis systems to provide continuous visibility; timely alerts; and reports to help you manage the large amount of information generated by devices and services.

Secure infrastructure

Detailed security audit trails are required for compliance with government and industry regulations, and comprehensive information regarding security events are necessary for conducting forensics investigations as a part of the follow-up to incident response. The ability to collect and analyze such information and filter it to fit your criteria is essential for identifying patterns and trends that can be used to protect the infrastructure and proactively prevent future incidents, so 21Vianet leverages monitoring and logging technologies to help you get maximum visibility into what’s going on under the hood on your network and within your applications that can affect the security of your resources and data.

21Vianet provides a number of options for auditing and logging security events.

• Security event logs that are customizable to fit your security and reporting needs can help you keep track of activities that could pose a threat to your virtual machines in the cloud or your systems on-premises.
• Audit policies define the types of events that will be audited and determine to which users the auditing will apply.
• Security alerts are communications—via dashboards, email, or other means—that notify you when a security-related event is occurring or has occurred.
• Export tools can send your data to a third-party SIEM.

Secure apps and data

Microsoft Azure operated by 21Vianet

24 hour monitored physical security. Datacenters are physically constructed, managed, and monitored to shelter data and services from unauthorized access as well as environmental threats.

Create an audit trail for applications that are deployed in Azure and virtual machines created from the Azure Virtual Machines Gallery. Azure enables a set of operating system security events by default. You can add, remove, or modify events to be audited by customizing the audit policy. In addition to generating Windows event logs, you can configure operating system components to generate logs for security analysis and monitoring.

Perform centralized analysis of large data sets by collecting security events from Azure infrastructure as a service (IaaS) and platform as a service (PaaS). You can then use HDInsight to aggregate and analyze these events, and export them to on-premises security information and event management systems for ongoing monitoring.

Monitor access and usage reporting by taking advantage of Azure logging of administrative operations, including system access, to create an audit trail in case of unauthorized or accidental changes. You can retrieve audit logs for your Microsoft Entra ID tenant and view access and usage reports. This helps you gain visibility into the integrity and security of your deployment, and better determine where possible security risks may lie. Security is monitored with the aid of centralized monitoring, correlation, and analysis systems that manage the large amount of information generated by devices within the environment and providing timely alerts. In addition, multiple levels of monitoring, logging, and reporting are available to provide visibility to customers. In the Azure Management Portal, you can view usage and asset reports such as reports of anomalous sign-in events, user-specific reports, and activity logs.

Learn more about Using access and usage reports

Export security alerts to on-premises SIEM using Windows Azure Diagnostics (WAD), which can be configured to collect Windows security event logs and other security-specific logs. You can also export this data into a third-party, on-premises security information and event management (SIEM) system for analysis and alerting. Learn more

Microsoft 365 operated by 21Vianet

Microsoft 365 auditing policies enable you to log events, including viewing, editing, and deleting content such as email messages, documents, task lists, issues lists, discussion groups, and calendars. When auditing is enabled as part of an information management policy, you can view the audit data and summarize current usage. You can also use these reports to determine how information is being used within the organization, manage compliance, and investigate areas of concern.

For business, legal, or regulatory reasons, you may have to retain email messages sent to and from users in your organization, or you may want to remove email that you aren't required to retain. Messaging records management (MRM), the records management technology in Microsoft 365, enables you to control how long to keep items in users' mailboxes and define what action to take on items that have reached a certain age.

Learn more about Office 365（a component of Microsoft 365） security

Microsoft Power Platform online services operated by 21Vianet

With the Azure Audit logs content pack for Power Platform online services you can analyze and visualize audit logs from Azure services. You can use Power BI to retrieve Azure data, build an out-of-the box dashboard, and create reports based on that data. You can then see all the data in one place and analyze it to gain new insights. You can filter the reports and add fields that you want to monitor. You can also control the refresh timing of the data in the dashboard, which refreshes the underlying reports to give you the most current information.

Microsoft Dynamics 365 for Customer Engagement operated by 21Vianet

The Dynamics 365 for Customer Engagement auditing feature logs changes that are made to customer records and user access so you can review the activity later. The auditing feature is designed to meet the auditing, compliance, security, and governance policies of many regulated enterprises.

As an administrator, you control which classes of activity are audited, and the retention lifecycle of the audit logs themselves.

Learn more via product documentation on the Dynamics 365 for CE auditing feature.