Making Your Azure Storage Account More Secure: 1
Data protection is important because it helps to protect sensitive data from unauthorized access, modification, or destruction. For organizations that use cloud services for storing and processing data, it helps to ensure that data is stored securely and is available when needed.
Azure Storage Account is a service that provides secure cloud storage for data in Microsoft Azure cloud. In this series of posts, I’d like to share a few suggestions to make your Azure Storage Account more secure! Let’s move on!
#1 Ensure that ‘Enable Infrastructure Encryption’ for Each Storage Account in Azure Storage is Set to ‘enabled’
Azure Storage automatically encrypts all data in a storage account using 256-bit AES encryption. However, you can also enable 256-bit AES encryption at the Azure Storage infrastructure level for double encryption manually!
In order to enable the infrastructure encryption option, you have to do it during the storage account creation. You cannot enable it after the storage account is created, as you can see in the figure below.
Ok, let’s create a new stroage account. During the creation, after filling in the basic information, select “Encryption” to switch to the Encryption panel, and then you can enable infrastructure encryption here.
Like most technology choices come with trade-offs, enabling Infrastructure Encryption will increase the secure of your storage account but the read and write speeds to the storage account will be impacted if both default encryption and Infrastructure Encryption are checked, as a secondary form of encryption requires more resource overhead for the cryptography of information.