Data at rest is information in any digital format that resides in persistent storage on physical media. This media also includes archived data, files on magnetic or optical media, and data backups. The variety of data storage solutions in Azure offers encryption for data at rest, such as table, blob, file, and disk storage. Azure also provides encryption to protect data in Azure SQL Database, Azure Data Lake, and Cosmos DB.
In the next section, we are going to cover data encryption and decryption at rest.
Encrypting and decrypting data at rest
Data encryption at rest is a mandatory step toward achieving data privacy and compliance. Data at rest is encrypted by default in Azure Storage and Azure SQL Database. Many other services offer default encryption as well. Azure Key Vault can be used to store the keys that access and encrypt the data. The following Azure services support one or more of the encryption-at-rest models.
Azure Disk Encryption
You...
