Security is one of the most important aspects of any architecture. Ensuring that your business
data and customer data are secure is critical. To ensure that your applications and data are
secure on cloud platform, we need to dive for security in depth.

The Idea of the security must be applied in the layers depending on your data value. So, if one
defense layer bypass, there would be another layer security layer to protect from hackers.

For example, even if you have Web Application Firewall (WAF) enabled, hackers may directly
attack and add junk data or steal your valuable data.

Thus, your web might need have its own defenses such as Input validation both at front end
back end, Encoding the output, Parameterized queries etc.

Another way to implement multilevel security by Multi-factor authentication. Multi-factor
authentication (MFA) is an authentication method in which a computer user is granted access
only after successfully presenting two or more pieces of evidence (or factors) to an
authentication mechanism such as physical token, password and fingerprint etc.

So, requiring two different factors to authenticate your system, makes it twice difficult to gain unauthorized
access.

There are many potential layers of security to protect your software systems, data and
networks.

• Putting connection strings, access tokens and passwords in Key-Vault.
• Enabling DDoS protection from your hosting provider which is an added layer that
  detects denial service attacks and defense against them. Usually by blocking traffic from
  malicious IP ranges.
• Threat detection which is about utilizing big data analytics to find threats across large
  and disparate data sets.
• Using proper login and auditing mechanism.
• Using JIT access control to close our ports unless you have request for them just for
  short period of time.
• Performing security testing and security code review on your application code.
• Following best practices in regards security design and secure coding.