Security Features of Azure Blob Storage
- Encryption at rest: Azure Blob Storage encrypts data with either Microsoft-managed keys or customer-provided keys. The data is encrypted using 256-bit AES encryption.
- Encryption in transit: This feature ensures that data is encrypted in transit and protected from tampering. It allows data transfer only over HTTPS for REST API calls.
- Secure Communication: Azure Blob Storage can communicate with on-premises networks by allowing access only from approved and authorized subnet ranges or IP addresses.
- Private Endpoints: These enable the user or client to connect to the storage account over a virtual network and Private Link on the Microsoft network. Also, enable the storage firewall to block all connections over public endpoints.
- Authentication by Azure Role-Based Access Control (RBAC): Built-in and custom roles that define permissions can be assigned to control access to Blob Storage. The scope can be a resource group, storage account, or container.
- Authorization by Attribute-Based Access Control (ABAC): Access is controlled using role-assignment conditions based on principal, resource, and environment attributes.
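As an added example (not from the original page or from Microsoft), the sketch below audits a storage account's ARM resource JSON against the transport, firewall and private endpoint features listed above. The account names, sample resources and finding labels are constructed for illustration.

```python
def approved_private_endpoints(props):
    """Count private endpoint connections whose Private Link state is Approved."""
    states = (c.get("properties", {}).get("privateLinkServiceConnectionState", {})
              for c in props.get("privateEndpointConnections", []))
    return sum(1 for s in states if s.get("status") == "Approved")

def audit_storage_account(resource):
    """Check one Microsoft.Storage/storageAccounts resource and return findings."""
    p = resource.get("properties", {})
    acls = p.get("networkAcls", {})
    public_on = p.get("publicNetworkAccess", "Enabled") != "Disabled"
    findings = []
    # Encryption in transit: plain HTTP requests must be rejected.
    if p.get("supportsHttpsTrafficOnly") is not True:
        findings.append("http-allowed")
    # Storage firewall: with default action Allow, the subnet/IP rules are not enforced.
    if public_on and acls.get("defaultAction", "Allow") != "Deny":
        findings.append("firewall-default-allow")
    # A private endpoint exists, yet the public endpoint still accepts traffic.
    if public_on and approved_private_endpoints(p) > 0:
        findings.append("public-endpoint-open-beside-private-endpoint")
    # Encryption at rest is always on; report where the key lives.
    # "Microsoft.Keyvault" means a customer-managed key held in Key Vault.
    key_source = p.get("encryption", {}).get("keySource", "Microsoft.Storage")
    return {"name": resource.get("name"), "findings": findings, "key_source": key_source}

# Constructed sample resources (account names are made up).
WEAK = {"name": "examplelegacy", "properties": {
    "supportsHttpsTrafficOnly": False,
    "networkAcls": {"defaultAction": "Allow", "ipRules": [{"value": "203.0.113.0/24"}]},
    "encryption": {"keySource": "Microsoft.Storage"},
    "privateEndpointConnections": [{"properties": {
        "privateLinkServiceConnectionState": {"status": "Approved"}}}],
}}
HARDENED = {"name": "examplehardened", "properties": {
    "supportsHttpsTrafficOnly": True,
    "publicNetworkAccess": "Disabled",
    "networkAcls": {"defaultAction": "Deny"},
    "encryption": {"keySource": "Microsoft.Keyvault"},
    "privateEndpointConnections": [{"properties": {
        "privateLinkServiceConnectionState": {"status": "Approved"}}}],
}}

if __name__ == "__main__":
    for account in (WEAK, HARDENED):
        print(audit_storage_account(account))
```

The weak sample shows why a private endpoint alone is not enough: its IP rule is listed, but with the default action left at Allow the public endpoint stays reachable from any network.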
Azure Blob Storage
In today’s world, where everything revolves around data, managing and storing vast amounts of it is a priority for every business operation. Azure Blob Storage is one of the services offered by Microsoft Azure’s cloud computing platform; it is a scalable and cost-effective solution for storing and managing unstructured data such as images, videos, documents, files, and backups.