Microsoft Encryption of Data-at-Rest White Paper
There are essentially 3 types of encryption you want to think about when working with a cloud service provider:
Encryption in Flight (network encryption)
Encryption in processing (application data encryption)
Encryption at rest is about protecting data on disk. You need to make sure that an attacker who might to acquire a hard drive (spinning or solid state) will not be able to pull data off that drive. The most common way of doing this is to mount the disk offline.
Of course, when we’re talking about a public cloud service provider like Microsoft Azure, the chance of such an occurrence is vanishingly small. Therefore, a more compelling reason for making sure data is encrypted at rest is so that you can satisfy compliance mandates.
However, in the end, encryption at rest is just another commonsense measure you should employ as part of your defense in depth strategy.
With this in mind, we think you’ll want to know what we do, and what we help you to do, with encryption at rest in Azure.
Just click the page below to find out!
Thanks!
Tom
Tom Shinder
Program Manager, Azure Security
@tshinder | Facebook | LinkedIn | Email | Web | Bing me! | GOOG me