DEV Community

Eng Soon Cheah
Eng Soon Cheah

Posted on

3

Implement Secure data solutions

Azure Security Spectrum

Alt text of image

Encryption

  • Encryption
    Process of translating plain text data (plaintext) into something that appears to be random and meaningless (ciphertext)

  • Decryption
    Process of converting ciphertext back to plaintext

  • Symmetric encryption is used to encrypt more than a small amount of data

    • A symmetric key is used to encrypt the data
    • The same key must be used to decrypt the data

Encryption at rest

  • Encryption (or encoding) of data when it is persisted
    • Very common security requirement to encrypt data with a secret encryption key anytime it is persisted to disk
  • Prevents attackers from accessing sensitive data when they have full access to a server’s machine, storage or drives
  • Encryption at rest design in Azure uses symmetric encryption:
    • A symmetric encryption key is used to encrypt data as it is written to storage
    • The same encryption key is used to decrypt that data as it is readied for use in memory
    • Data may be partitioned, and different keys may be used for each partition
    • Keys are stored in a security-enhanced location with access control policies
    • Data encryption keys are often encrypted with asymmetric encryption to further limit access Encryption at rest in Azure

Encryption at Rest for Azure Services

  • Azure Storage
    • Data is automatically encrypted server-side for all Storage services (Blob, Queue, Table, Files)
    • Keys are managed by the service
  • Azure SQL Database
    • Transparent Data Encryption (TDE) is enabled by default on all new databases
    • Supports customer-managed 2048-bit keys in Azure Key Vault
  • Azure Cosmos DB
    • Backups and media attachments are stored in Blob storage
    • Databases are automatically encrypted on SSDs

Image of Docusign

Bring your solution into Docusign. Reach over 1.6M customers.

Docusign is now extensible. Overcome challenges with disconnected products and inaccessible data by bringing your solutions into Docusign and publishing to 1.6M customers in the App Center.

Learn more

Top comments (0)

Sentry image

See why 4M developers consider Sentry, “not bad.”

Fixing code doesn’t have to be the worst part of your day. Learn how Sentry can help.

Learn more