Microsoft Azure offers a wide range of options to secure and protect your data, regardless of the format. Whether you're dealing with documents, SQL databases or big data, there are multiple solutions ranging from authentication to virtual networks.

In this course, we will cover the protection of your data from external and internal threats, whether those threats be malicious or accidental. We will see how good design combined with the right configuration can secure your organization's most precious asset: its data.

Learning Objectives

Configure security policies to classify, protect, and manage data
Configure data retention for storage and databases
Set up Azure SQL security features and auditing
Learn how to configure storage account security and access
Learn how to secure HDInsight clusters
Configure Cosmos DB security
Configure Data Lake security
Learn good design features of an Azure application
See how Azure App Services can secure your app
See how a governance policy can help formalize security requirements

Intended Audience

People preparing for Microsoft’s AZ-500 exam
System administrators
App developers

Prerequisites

Experience with Microsoft Azure
Experience with Office 365
Basic knowledge of computer security principles
Basic networking knowledge

Transcript

When you create a storage account, a key is automatically generated by Azure. The account name and key act as a username and password for accessing the storage account. These keys (there are two of them), are available to view through the Access keys under your storage account settings.

You can easily regenerate the keys by clicking on the blue circular arrows next to key1 and key2. You can also use your own keys to manage storage encryption. This is called customer-managed keys, where you generate or import your own keys and then use the Azure Key Vault to store and manage them.

To use customer-managed keys for storage and encryption, go to your storage account and select Encryption under settings. Click the "Use your own key" checkbox. Click Select from Key Vault radio button, and then click Select under Key Vault to select the key vault you want to use.

If a key doesn't yet exist, you can create one here by clicking Generate/Import. Give your key a name and set any parameters you need to, like type, size, activation, and expiration dates. Click the Create button. Now select your key from the vault and click Save.

About the Author

Hallam Webber

Software Architect

Students

18797

Courses

Learning Paths

Hallam is a software architect with over 20 years experience across a wide range of industries. He began his software career as a Delphi/Interbase disciple but changed his allegiance to Microsoft with its deep and broad ecosystem. While Hallam has designed and crafted custom software utilizing web, mobile and desktop technologies, good quality reliable data is the key to a successful solution. The challenge of quickly turning data into useful information for digestion by humans and machines has led Hallam to specialize in database design and process automation. Showing customers how leverage new technology to change and improve their business processes is one of the key drivers keeping Hallam coming back to the keyboard.

Covered Topics

SQL Security Databases Microsoft Azure Databases for Azure Security for Azure

Configuring Key Management for Storage Accounts

Contents

Introduction

Data Classification & Protection

Data Retention & Storage

Data Sovereignty

Databases

Access to Storage

Security

Application Security

Metrics and Risk

Summary

The course is part of this learning path

Covered Topics