In this video, Sharon discusses the options to encrypt storage data in both transit and at rest, including the Microsoft best practice for regenerating Azure Storage Keys.
- [Instructor] Next, let's take a look at how we…can secure our Azure storage.…First of all, we can encrypt our storage, which protects…our data at rest,…and it uses Storage Server Encryption, or SSE.…Your data is automatically encrypted,…before persisting to storage.…And then your data is automatically…decrypted before retrieving.…And when our data is in transit, we can go ahead…and enable client-side encryption:…we can configure HTTPs, or even SMB 3.0…to protect our data in transit.…
You can also secure your storage…by using RBAC, or role-based access control.…With an Azure active directory, you could allow…the owner, contributor, or reader, to access storage.…You can also fine-tune this, and only allow…a storage account contributor to manage that storage,…or the uses access administrator.…So these are the five roles that you can choose from,…if you're going to use RBAC.…Ane let's talk a little bit about…your Storage Service Encryption.…You can encrypt both standard and premium storage,…your Blobs storage accounts,…
Released
7/24/2017- Securing with managed identities
- Securing with hybrid identities
- Security with identity providers
- Identifying the right solution
- Designing a role-based Azure security solution
- Managing security risks
Share this video
Embed this video
Video: Securing Azure Storage