In the previous article, we introduced the second best practice, Ensure that ‘Enable key rotation reminders’ is enabled for each Storage Account and Regenerate Access Keys Periodically.
In this post, I’d like to introduce the third best practice. Let’s move on!
#3 Ensure Storage for Critical Data are Encrypted with Customer Managed Keys By default, data in the storage account is encrypted using 256-bit AES encryption with Microsoft Managed Keys at rest.
In the previous article, we introduced the first best practice, Ensure that ‘Enable Infrastructure Encryption’ for Each Storage Account in Azure Storage is Set to ‘enabled’.
In this post, I’d like to introduce the second best practice. Let’s move on!
#2 Ensure that ‘Enable key rotation reminders’ is enabled for each Storage Account and Regenerate Access Keys Periodically A periodic rotation of access keys is a good idea to ensure that potentially compromised keys cannot result in a long-term exploitable credential.
Data protection is important because it helps to protect sensitive data from unauthorized access, modification, or destruction. For organizations that use cloud services for storing and processing data, it helps to ensure that data is stored securely and is available when needed.
Azure Storage Account is a service that provides secure cloud storage for data in Microsoft Azure cloud. In this series of posts, I’d like to share a few suggestions to make your Azure Storage Account more secure!
#1 Azure Security Monitoring Tools Microsoft Azure provides the following monitoring tools, which can be used to observe operations and detect abnormal behavior.
Azure Security Center Strengthens the security posture of your data centers, and provides advanced threat protection across your workloads in the cloud (whether they’re in Azure or not) and on-premises. Get a unified view into the infrastructure and resources provisioned for the workload.
Azure Sentinel Use the native security information event management (SIEM) and security orchestration automated response (SOAR) solution on Azure.