@Hernando Torres Welcome to Microsoft Q&A Forum. Thank you for posting your query here!
Firstly, Microsoft does not control these sites and has not tested any software or information found on these sites; therefore, Microsoft cannot make any representations regarding the quality, safety, or suitability of any software or information. For more information, refer to the Microsoft Online Subscription Agreement.
Azure Data Disposal Policies: Azure offers data disposal policies that help ensure that data is unrecoverable when deleted. These policies are aligned with various compliance standards, including PCI DSS. You can configure Azure Blob Storage, Azure Files, and other Azure services to enforce these policies. The Azure Data Disposal policies are designed to make data deletion unrecoverable, meeting stringent compliance requirements.
To ensure that files are securely erased from an SFTP service in Azure, you can use Azure Blob Storage with the Azure Blob Storage client library for .NET or other programming languages. Azure Blob Storage provides a feature called "soft delete" that allows you to recover deleted blobs for a specified period of time. However, you can also use the "purge" operation to permanently delete blobs and ensure that they are not recoverable.
Here are the steps you can take to securely erase files from an SFTP service in Azure using Azure Blob Storage:
- Create an Azure Blob Storage account: If you don't already have an Azure Blob Storage account, you can create one in the Azure portal.
- Configure soft delete: Configure soft delete for your Blob Storage account to ensure that deleted blobs are recoverable for a specified period of time. You can configure soft delete using the Azure portal or the Azure Blob Storage client library.
- Delete the files: Delete the files you want to securely erase from the SFTP service using the Azure Blob Storage client library. This will mark the blobs for deletion, but they will still be recoverable for the specified period of time.
- Purge the blobs: After the specified period of time has passed, use the "purge" operation to permanently delete the blobs and ensure that they are not recoverable. You can use the Azure Blob Storage client library to perform the "purge" operation.
By following these steps, you can securely erase files from an SFTP service in Azure using Azure Blob Storage.
Additional information: Azure Storage - Permanent Delete Soft-Deleted objects
- Azure Key Vault: Use Azure Key Vault to manage and control keys, secrets, and certificates used for data encryption and secure deletion. You can create and store cryptographic keys for encryption and decryption and use them to protect sensitive data in Azure.
- Data Encryption: Implement robust data encryption mechanisms for your files and data. Azure offers encryption at rest and in transit. Encrypting your data ensures that even if it is somehow accessed after deletion, it remains unreadable without the appropriate decryption keys.
- Audit Logging: Enable Azure's auditing and logging capabilities to monitor data access and deletion. This helps in tracking any unauthorized access attempts or unusual activities related to file erasure.
- Secure File Deletion: When deleting files from Azure storage, make sure that the deletion process is irreversible and uses secure deletion methods. Azure's data disposal policies are designed to meet this requirement.
- Third-Party Solutions: While BitRaser may not be directly compatible with Azure cloud files, you can explore third-party solutions specifically designed for secure file erasure in the cloud. These solutions often provide additional features and can be integrated into your Azure environment.
It's essential to work closely with your organization's compliance and security teams to ensure that your data sanitation procedures meet the specific PCI DSS requirements. Additionally, regularly review Azure's security and compliance documentation to stay up-to-date with best practices and recommended procedures for secure data handling.
Please let us know if you have any further queries. I’m happy to assist you further.
Please do not forget to "Accept the answer" and "up-vote" wherever the information provided helps you; this can be beneficial to other community members.
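Added example (not part of the original answer and not Microsoft's code): a small offline check that classifies each file you meant to erase as still live, soft-deleted but still recoverable, or absent from the listing, so erasure is only reported once nothing recoverable remains. The listing is constructed sample data; its field names mirror the BlobProperties attributes (deleted, deleted_time, remaining_retention_days) of the azure-storage-blob Python SDK, and it is assumed the real listing was taken with deleted items, snapshots and versions included.

```python
from datetime import datetime, timedelta, timezone

UTC = timezone.utc

# Constructed sample listing (not real data); blob names are hypothetical.
SAMPLE_LISTING = [
    {"name": "upload/cards-2023-10.csv", "deleted": True,
     "deleted_time": datetime(2023, 11, 1, 9, 0, tzinfo=UTC),
     "remaining_retention_days": 5},
    {"name": "upload/cards-2023-09.csv", "deleted": True,
     "deleted_time": datetime(2023, 10, 20, 9, 0, tzinfo=UTC),
     "remaining_retention_days": 0},
    {"name": "upload/readme.txt", "deleted": False,
     "deleted_time": None, "remaining_retention_days": None},
]


def erasure_report(listing, targets, now):
    """Map each target name to (state, recoverable_until).

    state is 'live' (never deleted), 'recoverable' (soft-deleted and still
    listed, so it can be undeleted) or 'gone' (absent from the listing).
    """
    by_name = {blob["name"]: blob for blob in listing}
    report = {}
    for name in targets:
        blob = by_name.get(name)
        if blob is None:
            report[name] = ("gone", None)
        elif not blob["deleted"]:
            report[name] = ("live", None)
        else:
            # Still listed means still recoverable, even at 0 days remaining,
            # until the service has actually removed it.
            days = blob["remaining_retention_days"] or 0
            report[name] = ("recoverable", now + timedelta(days=days))
    return report


def erasure_complete(report):
    """True only when no target is live or soft-deleted."""
    return all(state == "gone" for state, _ in report.values())


if __name__ == "__main__":
    now = datetime(2023, 11, 3, tzinfo=UTC)
    targets = ["upload/cards-2023-10.csv", "upload/cards-2023-09.csv"]
    for name, (state, until) in erasure_report(SAMPLE_LISTING, targets, now).items():
        print(name, state, until.isoformat() if until else "-")
```

Keeping the report output alongside the deletion logs gives the compliance team dated evidence of when each file stopped being recoverable.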