Making Your Azure Storage Account More Secure: 3
In the previous article, we introduced the second best practice, Ensure that ‘Enable key rotation reminders’ is enabled for each Storage Account and Regenerate Access Keys Periodically.
In this post, I’d like to introduce the third best practice. Let’s move on!
#3 Ensure Storage for Critical Data are Encrypted with Customer Managed Keys
By default, data in the storage account is encrypted using 256-bit AES encryption with Microsoft Managed Keys at rest. However, you can control and manage this encryption key yourself to protect the data in your storage account. You can click on “Encryption” to open the “Encryption” panel and then select “Custom managed keys” in the “Envryption type” option.