Azure Storage security
Azure Storage is the base for nearly all IaaS services. It's a high scalable, available, and fully virtualized cloud storage solution that can be used to provide storage space in many ways.
When talking about storage security it's very important to remember that all earlier discussed security measures such as RBAC or strict identity management should already be deployed.
After that is ensured, it's useful to leverage the special security abilities of Azure Storage. These include:
- Shared access signatures
- Data encryption in transit
- Storage account encryption at rest
- Virtual Hard Disk encryption
- Advanced analytics
Key management
Azure uses 512 bit strings as storage account keys. Paired with the storage account name it enables the user to access the objects in the storage account, for example, blobs, entities within a table, queue messages, and files on an Azure Files share. The access to the data plane of an Storage account is based on the controlling of the access to the Storage...
