Introduction
This module is designed to provide administrators with the knowledge and skills required to plan and implement comprehensive security measures for Azure storage resources, safeguarding data integrity, confidentiality, and availability.
Scenario
Imagine you are an Azure storage administrator responsible for managing storage resources in your organization's Azure environment. Your organization relies on Azure storage services for storing sensitive data, and you need to ensure that this data is protected against unauthorized access and data security threats.
Learning objectives
By the end of this module, you will be able to:
- Plan and implement security strategies for Azure storage resources to protect data at rest and in transit.
- Configure access control for storage accounts to manage permissions effectively.
- Manage the life cycle of storage account access keys to maintain security.
- Select and configure appropriate methods for access to Azure Files, Blob Storage, Tables, and Queues based on specific use cases.
- Implement security measures such as soft delete, backups, versioning, and immutable storage to protect against data security threats.
- Configure Bring Your Own Key (BYOK) to enhance data encryption and key management.
- Enable double encryption at the Azure Storage infrastructure level to provide an additional layer of security.
Goals
The module aims to equip you with the knowledge and expertise necessary to design, implement, and manage a comprehensive security strategy for Azure storage resources. Participants will be able to secure data at rest and in transit, manage access control effectively, and implement encryption and data protection measures to ensure the security of critical data assets.