Microsoft Enhances Cloud Security With Azure Storage Encryption
New AES-256 encryption for data at rest, more efficient storage APIs and a revamped Storage Explorer app are among Azure Storage updates announced during this week’s Build developer conference.
Addressing the security concerns of businesses mulling placing valuable data on the public cloud, Microsoft this week announced a beta of Azure Storage Service Encryption.The no-charge feature enables businesses to safeguard Azure Blob (block, append and page blobs) data at rest, according to Lavanya Kasarabada, a Microsoft Azure Storage program manager. A blob is a unit of cloud storage that contains text and binary data.
“Storage Service Encryption automatically encrypts your Azure Blob storage data prior to persisting to storage and decrypts prior to retrieval,” she explained in a March 31 announcement.Data is kept under wraps using the 256-bit Advanced Encryption Standard (AES-256).
“The encryption, decryption and key management is transparent to users, requires no changes to your applications, and frees your engineering team from having to implement complex key management processes,” continued Kasarabada.The feature is supported on all Azure Storage redundancy levels and on both Standard and Premium plans. As with any Microsoft service in preview, Kasarabada recommends that administrators wait until the feature is made generally available before using it on their production workloads.
Microsoft is also introducing a more efficient way of backing up Azure virtual machines, the company said.An updated GetPageRanges application programming interface (API) generates a list of changes between a base blob and its snapshots. This capability will enable users to more easily find changes unique to a particular snapshot and copy only those changes, reducing the amount of data transferred during incremental snapshots. The API, due later this month, supports blobs in both Standard and Premium Azure storage plans.
Microsoft also announced that it is planning to extend Azure Backup Service support to Premium storage plans, helping businesses running critical applications on Premium storage virtual machines to protect their workloads.Azure Import/Export, a “sneakernet” alternative to transferring data to Microsoft’s cloud by physically shipping hard drives, now supports 8-terabyte drives. The company is extending the service to Japan and Australia this summer, complete with a domestic shipping address.The Azure Storage Explorer tool gains an updated UI, performance tweaks, and support for Azure Table and Queue storage.
As its name suggests, Azure Storage Explorer is a stand-alone app that allows users to work directly with data stored in Azure Storage. It is available for Windows, Mac OS X and Linux.”For tables, you’ll be able to view entities inside a container as well as write queries against them,” wrote Cristy Gonzalez, an Azure Tools program manager at Microsoft, in a separate blog post. “You can also easily insert common query snippets, such as the ability to filter by partition key and row key, or retrieving based on a Timestamp period.” The updated app allows users to view and manage the most recent 32 messages pertaining to Azure Queue storage and generate Shared Access Signatures (SAS) for storage accounts.
Source | eWeek