Making Your Azure Storage Account More Secure: 3

In the previous article, we introduced the second best practice, Ensure that ‘Enable key rotation reminders’ is enabled for each Storage Account and Regenerate Access Keys Periodically.

In this post, I’d like to introduce the third best practice. Let’s move on!

#3 Ensure Storage for Critical Data are Encrypted with Customer Managed Keys

By default, data in the storage account is encrypted using 256-bit AES encryption with Microsoft Managed Keys at rest. However, you can control and manage this encryption key yourself to protect the data in your storage account. You can click on “Encryption” to open the “Encryption” panel and then select “Custom managed keys” in the “Envryption type” option.

Customer-managed keys for Azure Storage encryption

Subscribe To Jiadong Chen's Blog

Jiadong Chen
Cloud Architect/Senior Developer

Cloud Architect at Company-X | Microsoft MVP, MCT | Azure Certified Solutions Architect & Cybersecurity Architect Expert | Member of .NET Foundation | Packt Author ㅣ Opinions = my own.

comments powered by Disqus