By Ashley Denness
At Fordway, we specialise in delivering secure and efficient IT solutions tailored to organisations that handle sensitive data, including government agencies and enterprises in highly regulated sectors. A cornerstone of our approach is the Zero Trust security model, which operates on the principle of “never trust, always verify.” This model ensures that every access request is thoroughly authenticated and authorised, regardless of its origin.
One of the latest tools within this framework is Azure Bastion Premium. Currently in public preview, Azure Bastion Premium provides secure, seamless Remote Desktop Protocol (RDP) and Secure Shell (SSH) access to your Azure-hosted virtual machines (VMs) without exposing them to the public internet. By eliminating the need for public IP addresses, Azure Bastion Premium significantly reduces potential attack surfaces, aligning with Zero Trust principles by enforcing strict access controls and minimising exposure.
You can learn more about Azure Bastion Premium in Microsoft’s latest announcement here.
Key Features
The most important addition is session recording. This feature logs everything that happens during a remote session, whether it’s through Remote Desktop Protocol (RDP) or Secure Shell (SSH). For organisations needing to maintain compliance or track user activity for auditing, this provides complete visibility and accountability.
Another significant feature is integration with Azure Active Directory (AAD). This enables identity-based access control, so only authorised users can connect to virtual machines, and their level of access can be carefully managed. It’s an important step for implementing the principle of least privilege, ensuring users only have access to what they need.
Finally, the Premium tier introduces customised security controls, allowing organisations to define specific rules for how users connect to virtual machines. This gives more flexibility and precision in securing remote access.
How Fordway Integrates Azure Bastion Premium
Our Cloud Connectivity Zero Trust Network Service provides a comprehensive solution to transition from traditional WAN and VPN connectivity to an open-access, internet-based Zero Trust Network Access. This service protects your people, devices, applications, and data, regardless of their location.
Additionally, our Cloud Identity and Authentication service establishes a robust identity foundation, which is crucial for implementing effective Zero Trust access and connectivity to organisational resources.
Integrating Azure Bastion Premium into these services allows Fordway to offer a secure, efficient, and streamlined cloud experience, ensuring that your organisation’s data and applications are protected against evolving cyber threats.
For Cloud Security, Bastion Premium can enhance the overall protection of our clients’ cloud environments. Its session recording feature ensures full compliance and accountability, while its secure access methods eliminate the need for public IP addresses, greatly reducing the risk of cyberattacks.
Within our Azure IaaS Operations and Management Services, we can use Bastion Premium to streamline and secure remote access for teams managing Azure virtual machines. The integration with Azure Active Directory ensures only authorised personnel can access resources, while the flexible security controls allow us to customise access to fit the needs of each organisation.
Why It Matters
Azure Bastion Premium simplifies and strengthens secure access to virtual machines in Azure. Its advanced features help organisations reduce risks, meet compliance requirements, and maintain operational efficiency. For businesses handling sensitive data or operating in regulated industries, it’s a valuable addition to their cloud infrastructure.
At Fordway, we are committed to helping our clients make the most of tools like Azure Bastion Premium as part of a secure and well-managed Azure environment. If you’d like to learn more about how this can enhance your cloud security and operations, we’re here to help.
Find out more about Fordway’s services at Fordway.com.
