• Azure Cloud Storage

Microsoft to Enhance Cloud Security with Azure Storage Server Encryption for Managed Disks

Since Data is the “life blood” of your company, it’s important that it stays secure at all times. Data security is even more important in cases where you entrust your data to an offsite cloud services provider like Microsoft or AWS.  Therefore, in order to serve your most demanding security and compliance needs, Microsoft has announced a new Encryption at Rest service for your Azure IaaS (Infrastructure as a Service) offering.

With the Microsoft Azure cloud, it is important to keep track of new features and keep up with the rapid technology releases – and that is where Sierra Systems can help. Sierra System’s Cloud Architects are continually learning and evaluating new features and functionality and looking to how best to apply it to our Client’s environments – maximizing security, performance, and functionality while they focus on their key business goals.

Microsoft now provides Azure customers with the capability to encrypt their VM data on a multi-tenant shared infrastructure with either Microsoft managing the encryption keys, or the customer maintaining complete control of the encryption keys for their data on the Azure Storage Infrastructure.  All storage services within the cloud are not equal.  For example – Microsoft just announced as of June 10, automatic storage encryption for Managed Disks as a feature (Managed Disks were only released in February of this year), whereas Storage Account-based disks can be encrypted with either Microsoft keys or customer managed keys, but it must be enabled.

This release will help to protect and maintain data encryption using 256-bit AES encryption, one of the strongest block ciphers available so that you can continue to meet your security policies and organizational compliance standards.

Storage server encryption works by transparently encrypting the data when it is written to Azure Storage and can be used for Azure Blob Storage and File Storage. It works for the following:

  • Standard Storage: General purpose storage accounts for Blobs and File storage and Blob storage accounts
  • Premium storage
  • All redundancy levels (LRS, ZRS, GRS, RA-GRS)
  • Azure Resource Manager storage accounts (but not classic)

Please see the link here more. for details as announced by Microsoft and for specifics of the @Rest disk data click here https://goo.gl/QgHYWU

2017-07-28T10:48:03+00:00 Tags: , |

About the Author:

Ernie Miller
Ernie is an IT Infrastructure Architect with over 25 years of broad IT Infrastructure experience. He has been successfully involved with numerous systems implementation and migrations covering a vast breadth of technologies. A strong leader with business-focused strategic vision, the ability to make quick tactical decisions, and who works well in multi-disciplined/multi-vendor environments, Ernie’s technical acumen has brought significant value to all of his engagements.