Onboarding : Azure Data Encryption


Key concepts

  • Key/vault
  • Key Encryption Key (KEK)
  • Encryption at Rest
  • Encryption at Transit

VM’s Disk Encryption

Disk encryption prerequisites
Virtual Machine
Key vault with advanced access policies
KEK for additional security
Virtual Network

Azure Storage encryption

  • Supports encryption at rest
    • Microsoft managed keys
    • Customer managed keys
      • Azure key Vault for manage key and audit key usage (storage and key vault must be in the same region, but can be in different subscription)
      • On-prem
  • Key must have these properties (by default enable)
    • Soft Delete
    • Do Not Purge


SQL encryption

coming soon…

Add a testimonial from someone who loves your service. Lorem ipsum dolor sit amet, consectetur adipiscing elit. Proin id arcu aliquet, elementum nisi quis, condimentum nibh. Donec hendrerit dui ut nisi tempor scelerisque.

Jane Doe

Book a free consultation today.

%d bloggers like this: