Data Classification Part 1
Data Classification Part 1
Microsoft Azure offers a wide range of options to secure and protect your data, regardless of the format. Whether you're dealing with documents, SQL databases or big data, there are multiple solutions ranging from authentication to virtual networks.
In this course, we will cover the protection of your data from external and internal threats, whether those threats be malicious or accidental. We will see how good design combined with the right configuration can secure your organization's most precious asset: its data.

Learning Objectives

  • Configure security policies to classify, protect, and manage data
  • Configure data retention for storage and databases
  • Set up Azure SQL security features and auditing
  • Learn how to configure storage account security and access
  • Learn how to secure HDInsight clusters
  • Configure Cosmos DB security
  • Configure Data Lake security
  • Learn good design features of an Azure application
  • See how Azure App Services can secure your app
  • See how a governance policy can help formalize security requirements

Intended Audience

  • People preparing for Microsoft’s AZ-500 exam
  • System administrators
  • App developers


  • Experience with Microsoft Azure
  • Experience with Office 365
  • Basic knowledge of computer security principles
  • Basic networking knowledge



Microsoft uses the following data classifications when implementing data protection policies. 

Personal data is any data that relates to an identifiable natural person, such as a name or contact information. This can include user IDs that a Microsoft service assigns to a user, although this is considered pseudonymous, as it cannot alone necessarily identify an individual. 

Administrator data is the personal data and contact information about individuals that sign up for Microsoft services. The administrator data also includes aggregated users' information and other data associated with the administrator account. 

Object metadata is the setting data associated with all Microsoft services that you sign up to. This includes Azure storage account details, virtual machines, SQL databases and their tables, columns, headings, and forms. This does not include the personal administrator data. Customers should not include personal data, or other sensitive information in object metadata, because object metadata may be shared across global Microsoft systems to facilitate operations and troubleshooting. 

Payment data is the information customers provide when making online purchases with Microsoft. It may include a credit card number and security code, name and billing address, and other financial data. Microsoft uses payment data to complete transactions, as well as to detect and prevent fraud.

Support and consulting data is all data provided to Microsoft by, or on behalf of, a customer, typically in a support scenario, or when engaging Microsoft professional services. This data may be in any form, including text, sound, video, or images, and even software. The data may be acquired via phone, chat, email, or webforms.

About the Author
Learning Paths

Hallam is a software architect with over 20 years experience across a wide range of industries. He began his software career as a  Delphi/Interbase disciple but changed his allegiance to Microsoft with its deep and broad ecosystem. While Hallam has designed and crafted custom software utilizing web, mobile and desktop technologies, good quality reliable data is the key to a successful solution. The challenge of quickly turning data into useful information for digestion by humans and machines has led Hallam to specialize in database design and process automation. Showing customers how leverage new technology to change and improve their business processes is one of the key drivers keeping Hallam coming back to the keyboard.