{"id":18150,"date":"2022-06-22T15:00:00","date_gmt":"2022-06-22T14:00:00","guid":{"rendered":"https:\/\/www.microsoft.com\/en-gb\/industry\/blog\/?p=18150"},"modified":"2022-06-23T21:22:05","modified_gmt":"2022-06-23T20:22:05","slug":"data-security-and-encryption-best-practices-for-azure","status":"publish","type":"post","link":"https:\/\/www.microsoft.com\/en-gb\/industry\/blog\/technetuk\/2022\/06\/22\/data-security-and-encryption-best-practices-for-azure\/","title":{"rendered":"Data security and encryption with Azure"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" class=\"attachment-large size-large\" src=\"https:\/\/www.microsoft.com\/en-us\/industry\/blog\/wp-content\/uploads\/sites\/22\/2020\/01\/datasolutionheader-1024x373.webp\" alt=\"An illustration representing a data warehouse, next to an illustration of Bit the Raccoon.\" width=\"1024\" height=\"373\" \/><\/p>\n<p>Nowadays, corporate data assets are being stored, processed, and shared more than ever before. Organisations are looking for more efficient ways of doing business, such as big data analysis and the migration of data to the cloud. To ensure that sensitive data isn\u2019t exposed to people that don\u2019t need access to it, putting security and controls in place is key.<\/p>\n<p>To protect sensitive data, such as personal identifiable data, company financials, and intellectual property, Azure offers a set of best practices for data security and encryption. To protect your data, you need to know which state your data resides in and what controls are available for that state.<\/p>\n<h2>Data states<\/h2>\n<p>Best practices for Azure data security and encryption relate to the following states:<\/p>\n<ul>\n<li><strong>Data at rest:<\/strong> This includes all information storage objects, types, and containers that exist statically on physical media.<\/li>\n<li><strong>Data at transit:<\/strong> This includes data that is being transferred between components, locations, or programs.<\/li>\n<\/ul>\n<p>Data encryption at rest is a mandatory step toward achieving data privacy and compliance.\u00a0The following best practices are applicable for protecting data at rest:<\/p>\n<ul>\n<li><b>Use encryption to help mitigate risks related to unauthorised\u00a0data access. <\/b>Organisations must prove that they are using proper security controls to comply with industry regulations. They are also more exposed to data-confidentiality breeches if they don\u2019t encrypt their data.<\/li>\n<\/ul>\n<p>Data at rest is encrypted by default in Azure Storage and Azure SQL Database. Many other services offer default encryption as well. Azure Key Vault can be used to store the keys that access and encrypt the data. See <a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/security\/fundamentals\/encryption-atrest#azure-resource-providers-encryption-model-support?ocid=AID3038246\" target=\"_blank\" rel=\"noopener noreferrer\">Azure resource providers encryption model support<\/a> for more information.<\/p>\n<ul>\n<li><strong>Apply disk encryption to help safeguard your data<\/strong>. Azure Disk Encryption enables IT administrators to encrypt Linux and Windows IaaS VM disks. It combines Windows BitLocker and Linux dm-crypt to provide volume encryption for data and OS disks.<\/li>\n<\/ul>\n<p><strong>\u00a0<\/strong><\/p>\n<h2>Protect data at transit<\/h2>\n<p>Protecting data at transit should be an essential part of the data protection strategy. Because data is moved back and forth between many locations, it is recommended to use SSL\/TLS protocols to exchange this data. You can also isolate the entire communication channel between your on-premises and cloud infrastructures by using a VPN. You can use <a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/vpn-gateway?ocid=AID3038246\" target=\"_blank\" rel=\"noopener noreferrer\">Azure VPN Gateway<\/a> to encrypt traffic between an Azure virtual network and an on-premises location over the public Internet.<\/p>\n<p>Below are best practices for using Azure VPN Gateway, HTTPS, and SSL\/TLS:<\/p>\n<ul>\n<li><strong>To secure access from multiple workstations located on-premises to Azure<\/strong>, use a <a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/vpn-gateway\/vpn-gateway-howto-site-to-site-resource-manager-portal?ocid=AID3038246\" target=\"_blank\" rel=\"noopener noreferrer\">Site-to-Site VPN<\/a>.<\/li>\n<li><strong>To secure access from a single on-premises workstation to Azure<\/strong>, use a <a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/vpn-gateway\/vpn-gateway-howto-point-to-site-resource-manager-portal?ocid=AID3038246\" target=\"_blank\" rel=\"noopener noreferrer\">Point-to-Site VPN<\/a>.<\/li>\n<li><strong>To move larger data sets over a dedicated high-speed WAN link<\/strong>, use <a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/expressroute\/expressroute-introduction?ocid=AID3038246\" target=\"_blank\" rel=\"noopener noreferrer\">ExpressRoute<\/a>.<\/li>\n<li><strong>Interact with Azure Storage through the Azure portaI<\/strong>. All transactions will occur over HTTPS. You can also use the <a href=\"https:\/\/docs.microsoft.com\/en-us\/rest\/api\/storageservices?ocid=AID3038246\" target=\"_blank\" rel=\"noopener noreferrer\">Storage REST API<\/a> over HTTPS to interact with <a href=\"https:\/\/azure.microsoft.com\/en-us\/services\/storage?ocid=AID3038246\" target=\"_blank\" rel=\"noopener noreferrer\">Azure Storage<\/a>.<\/li>\n<\/ul>\n<h2>Use a key-management solution<\/h2>\n<p>To protect your data in the cloud a key-management solution is mandatory. Azure Key Vault can be used to streamline the key-management process and enables you to maintain control of cryptographic keys and secrets that cloud applications and services use. It enables you to maintain control of keys that access and encrypt your data.<\/p>\n<p>Below are the best practices for using Azure Key Vault:<\/p>\n<ul>\n<li><strong>Control what users have access to<\/strong>. Access to a key vault is controlled through two separate interfaces: management plane and data plane. Use <a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/role-based-access-control\/overview?ocid=AID3038246\" target=\"_blank\" rel=\"noopener noreferrer\">Role based Access Control (RBAC)<\/a> to control what users have access to. If an application needs access to keys in the vault, only data plane management must be enabled for this application. No management access is needed.<\/li>\n<li><strong>Store certificates in your key vault. <\/strong>You can manage all your certificates in one place, and they can securely be deployed to Azure VMs using Key Vault. By setting appropriate access policies for the Key Vault, you can control the access to the certificates.<\/li>\n<li><strong>Ensure that you can recover a deletion of key vaults or key vault objects<\/strong>. Enable the soft delete and purge protection features of Key Vault. Deletion of these keys is equivalent to data loss, so you can recover deleted vaults and vault objects if necessary.<\/li>\n<\/ul>\n<h2>Manage with secure workstations<\/h2>\n<p>Because most of the attacks are aimed at end users, the endpoint becomes one of the primary points of attack. By compromising the endpoint, an attacker can utilise the user\u2019s credentials to get access to the company data. Most endpoint attacks benefit from the fact that most users are administrators at their workstations.<\/p>\n<p>Below are the best practices for managing secure workstations:<\/p>\n<ul>\n<li><strong>Ensure endpoint protection<\/strong>. Enforce security policies across all devices that are utilised to access data, regardless of the location (on-premises or cloud).<\/li>\n<li><strong>Use a secure management workstation to protect sensitive accounts, tasks, and data<\/strong>. To reduce the attack surface in workstations, use a <a href=\"https:\/\/docs.microsoft.com\/en-us\/windows-server\/identity\/securing-privileged-access\/privileged-access-workstations?ocid=AID3038246\" target=\"_blank\" rel=\"noopener noreferrer\">privileged access workstation<\/a>. These secure management workstations can help you mitigate some of these attacks.<\/li>\n<\/ul>\n<h2>Secure email, documents, and sensitive data<\/h2>\n<p>To secure email, data, and documents that you share outside your organisation, you can deploy <a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/information-protection?ocid=AID3038246\" target=\"_blank\" rel=\"noopener noreferrer\">Azure Information Protection<\/a> to classify, label, and protect documents and email. This can be done automatically, by defining rules and conditions, or manually by users.<\/p>\n<p>The protection technology used by Azure Information Protection is on based Azure Rights Management (Azure RMS). This technology is integrated in other technologies, such as Office 365 and Azure Active Directory, and it uses encryption, identity, and authorisation policies to help you control your data, even when it is shared with others outside your organisation.<\/p>\n<p>Best practices for using Azure Information Protection:<\/p>\n<ul>\n<li><strong>Configure <\/strong><a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/information-protection\/log-analyze-usage?ocid=AID3038246\" target=\"_blank\" rel=\"noopener noreferrer\"><strong>Azure RMS Usage logging<\/strong><\/a>. This can help you to monitor how your organisation is using the protection service.<\/li>\n<li><strong>Apply labels that reflect your business requirements<\/strong>. For instance, apply a label named \u201chighly confidential\u201d to all documents and emails that contain top-secret data.<\/li>\n<\/ul>\n<h2>Next steps<\/h2>\n<p>In this article we have covered several Azure best practices for securing and encrypting data. You can refer to <a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/security\/fundamentals\/best-practices-and-patterns?ocid=AID3038246\" target=\"_blank\" rel=\"noopener noreferrer\">Azure security best practices and patterns<\/a> for more security best practices to use when you\u2019re designing, deploying, and managing your cloud solutions.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>To ensure that sensitive data isn\u2019t exposed to people that don\u2019t need access to it, putting security and controls in place is key.<\/p>\n","protected":false},"author":430,"featured_media":36918,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"ep_exclude_from_search":false,"_classifai_error":"","footnotes":""},"categories":[594],"post_tag":[519],"content-type":[],"coauthors":[525],"class_list":["post-18150","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-technetuk","tag-technet-uk"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v23.9 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Data security and encryption with Azure - Microsoft Industry Blogs - United Kingdom<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.microsoft.com\/en-gb\/industry\/blog\/technetuk\/2022\/06\/22\/data-security-and-encryption-best-practices-for-azure\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Data security and encryption with Azure - Microsoft Industry Blogs - United Kingdom\" \/>\n<meta property=\"og:description\" content=\"To ensure that sensitive data isn\u2019t exposed to people that don\u2019t need access to it, putting security and controls in place is key.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.microsoft.com\/en-gb\/industry\/blog\/technetuk\/2022\/06\/22\/data-security-and-encryption-best-practices-for-azure\/\" \/>\n<meta property=\"og:site_name\" content=\"Microsoft Industry Blogs - United Kingdom\" \/>\n<meta property=\"article:published_time\" content=\"2022-06-22T14:00:00+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2022-06-23T20:22:05+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.microsoft.com\/en-gb\/industry\/blog\/wp-content\/uploads\/sites\/22\/2020\/01\/datasolutionthumb.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"800\" \/>\n\t<meta property=\"og:image:height\" content=\"450\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Chris Walden\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Chris Walden\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.microsoft.com\/en-gb\/industry\/blog\/technetuk\/2022\/06\/22\/data-security-and-encryption-best-practices-for-azure\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.microsoft.com\/en-gb\/industry\/blog\/technetuk\/2022\/06\/22\/data-security-and-encryption-best-practices-for-azure\/\"},\"author\":[{\"@id\":\"https:\/\/www.microsoft.com\/en-gb\/industry\/blog\/author\/chwald\/\",\"@type\":\"Person\",\"@name\":\"Chris Walden\"}],\"headline\":\"Data security and encryption with Azure\",\"datePublished\":\"2022-06-22T14:00:00+00:00\",\"dateModified\":\"2022-06-23T20:22:05+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.microsoft.com\/en-gb\/industry\/blog\/technetuk\/2022\/06\/22\/data-security-and-encryption-best-practices-for-azure\/\"},\"wordCount\":1015,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/www.microsoft.com\/en-gb\/industry\/blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.microsoft.com\/en-gb\/industry\/blog\/technetuk\/2022\/06\/22\/data-security-and-encryption-best-practices-for-azure\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.microsoft.com\/en-gb\/industry\/blog\/wp-content\/uploads\/sites\/22\/2020\/01\/datasolutionthumb.jpg\",\"keywords\":[\"TechNet UK\"],\"articleSection\":[\"TechNet UK\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.microsoft.com\/en-gb\/industry\/blog\/technetuk\/2022\/06\/22\/data-security-and-encryption-best-practices-for-azure\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.microsoft.com\/en-gb\/industry\/blog\/technetuk\/2022\/06\/22\/data-security-and-encryption-best-practices-for-azure\/\",\"url\":\"https:\/\/www.microsoft.com\/en-gb\/industry\/blog\/technetuk\/2022\/06\/22\/data-security-and-encryption-best-practices-for-azure\/\",\"name\":\"Data security and encryption with Azure - Microsoft Industry Blogs - United Kingdom\",\"isPartOf\":{\"@id\":\"https:\/\/www.microsoft.com\/en-gb\/industry\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.microsoft.com\/en-gb\/industry\/blog\/technetuk\/2022\/06\/22\/data-security-and-encryption-best-practices-for-azure\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.microsoft.com\/en-gb\/industry\/blog\/technetuk\/2022\/06\/22\/data-security-and-encryption-best-practices-for-azure\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.microsoft.com\/en-gb\/industry\/blog\/wp-content\/uploads\/sites\/22\/2020\/01\/datasolutionthumb.jpg\",\"datePublished\":\"2022-06-22T14:00:00+00:00\",\"dateModified\":\"2022-06-23T20:22:05+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/www.microsoft.com\/en-gb\/industry\/blog\/technetuk\/2022\/06\/22\/data-security-and-encryption-best-practices-for-azure\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.microsoft.com\/en-gb\/industry\/blog\/technetuk\/2022\/06\/22\/data-security-and-encryption-best-practices-for-azure\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.microsoft.com\/en-gb\/industry\/blog\/technetuk\/2022\/06\/22\/data-security-and-encryption-best-practices-for-azure\/#primaryimage\",\"url\":\"https:\/\/www.microsoft.com\/en-gb\/industry\/blog\/wp-content\/uploads\/sites\/22\/2020\/01\/datasolutionthumb.jpg\",\"contentUrl\":\"https:\/\/www.microsoft.com\/en-gb\/industry\/blog\/wp-content\/uploads\/sites\/22\/2020\/01\/datasolutionthumb.jpg\",\"width\":800,\"height\":450,\"caption\":\"An illustration representing a data warehouse, next to an illustration of Bit the Raccoon.\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.microsoft.com\/en-gb\/industry\/blog\/technetuk\/2022\/06\/22\/data-security-and-encryption-best-practices-for-azure\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.microsoft.com\/en-gb\/industry\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Data security and encryption with Azure\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.microsoft.com\/en-gb\/industry\/blog\/#website\",\"url\":\"https:\/\/www.microsoft.com\/en-gb\/industry\/blog\/\",\"name\":\"Microsoft Industry Blogs - United Kingdom\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/www.microsoft.com\/en-gb\/industry\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.microsoft.com\/en-gb\/industry\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.microsoft.com\/en-gb\/industry\/blog\/#organization\",\"name\":\"Microsoft Industry Blogs - United Kingdom\",\"url\":\"https:\/\/www.microsoft.com\/en-gb\/industry\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.microsoft.com\/en-gb\/industry\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.microsoft.com\/en-gb\/industry\/blog\/wp-content\/uploads\/sites\/22\/2019\/08\/Microsoft-Logo.png\",\"contentUrl\":\"https:\/\/www.microsoft.com\/en-gb\/industry\/blog\/wp-content\/uploads\/sites\/22\/2019\/08\/Microsoft-Logo.png\",\"width\":259,\"height\":194,\"caption\":\"Microsoft Industry Blogs - United Kingdom\"},\"image\":{\"@id\":\"https:\/\/www.microsoft.com\/en-gb\/industry\/blog\/#\/schema\/logo\/image\/\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Data security and encryption with Azure - Microsoft Industry Blogs - United Kingdom","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.microsoft.com\/en-gb\/industry\/blog\/technetuk\/2022\/06\/22\/data-security-and-encryption-best-practices-for-azure\/","og_locale":"en_US","og_type":"article","og_title":"Data security and encryption with Azure - Microsoft Industry Blogs - United Kingdom","og_description":"To ensure that sensitive data isn\u2019t exposed to people that don\u2019t need access to it, putting security and controls in place is key.","og_url":"https:\/\/www.microsoft.com\/en-gb\/industry\/blog\/technetuk\/2022\/06\/22\/data-security-and-encryption-best-practices-for-azure\/","og_site_name":"Microsoft Industry Blogs - United Kingdom","article_published_time":"2022-06-22T14:00:00+00:00","article_modified_time":"2022-06-23T20:22:05+00:00","og_image":[{"width":800,"height":450,"url":"https:\/\/www.microsoft.com\/en-gb\/industry\/blog\/wp-content\/uploads\/sites\/22\/2020\/01\/datasolutionthumb.jpg","type":"image\/jpeg"}],"author":"Chris Walden","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Chris Walden","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.microsoft.com\/en-gb\/industry\/blog\/technetuk\/2022\/06\/22\/data-security-and-encryption-best-practices-for-azure\/#article","isPartOf":{"@id":"https:\/\/www.microsoft.com\/en-gb\/industry\/blog\/technetuk\/2022\/06\/22\/data-security-and-encryption-best-practices-for-azure\/"},"author":[{"@id":"https:\/\/www.microsoft.com\/en-gb\/industry\/blog\/author\/chwald\/","@type":"Person","@name":"Chris Walden"}],"headline":"Data security and encryption with Azure","datePublished":"2022-06-22T14:00:00+00:00","dateModified":"2022-06-23T20:22:05+00:00","mainEntityOfPage":{"@id":"https:\/\/www.microsoft.com\/en-gb\/industry\/blog\/technetuk\/2022\/06\/22\/data-security-and-encryption-best-practices-for-azure\/"},"wordCount":1015,"commentCount":0,"publisher":{"@id":"https:\/\/www.microsoft.com\/en-gb\/industry\/blog\/#organization"},"image":{"@id":"https:\/\/www.microsoft.com\/en-gb\/industry\/blog\/technetuk\/2022\/06\/22\/data-security-and-encryption-best-practices-for-azure\/#primaryimage"},"thumbnailUrl":"https:\/\/www.microsoft.com\/en-gb\/industry\/blog\/wp-content\/uploads\/sites\/22\/2020\/01\/datasolutionthumb.jpg","keywords":["TechNet UK"],"articleSection":["TechNet UK"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.microsoft.com\/en-gb\/industry\/blog\/technetuk\/2022\/06\/22\/data-security-and-encryption-best-practices-for-azure\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.microsoft.com\/en-gb\/industry\/blog\/technetuk\/2022\/06\/22\/data-security-and-encryption-best-practices-for-azure\/","url":"https:\/\/www.microsoft.com\/en-gb\/industry\/blog\/technetuk\/2022\/06\/22\/data-security-and-encryption-best-practices-for-azure\/","name":"Data security and encryption with Azure - Microsoft Industry Blogs - United Kingdom","isPartOf":{"@id":"https:\/\/www.microsoft.com\/en-gb\/industry\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.microsoft.com\/en-gb\/industry\/blog\/technetuk\/2022\/06\/22\/data-security-and-encryption-best-practices-for-azure\/#primaryimage"},"image":{"@id":"https:\/\/www.microsoft.com\/en-gb\/industry\/blog\/technetuk\/2022\/06\/22\/data-security-and-encryption-best-practices-for-azure\/#primaryimage"},"thumbnailUrl":"https:\/\/www.microsoft.com\/en-gb\/industry\/blog\/wp-content\/uploads\/sites\/22\/2020\/01\/datasolutionthumb.jpg","datePublished":"2022-06-22T14:00:00+00:00","dateModified":"2022-06-23T20:22:05+00:00","breadcrumb":{"@id":"https:\/\/www.microsoft.com\/en-gb\/industry\/blog\/technetuk\/2022\/06\/22\/data-security-and-encryption-best-practices-for-azure\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.microsoft.com\/en-gb\/industry\/blog\/technetuk\/2022\/06\/22\/data-security-and-encryption-best-practices-for-azure\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.microsoft.com\/en-gb\/industry\/blog\/technetuk\/2022\/06\/22\/data-security-and-encryption-best-practices-for-azure\/#primaryimage","url":"https:\/\/www.microsoft.com\/en-gb\/industry\/blog\/wp-content\/uploads\/sites\/22\/2020\/01\/datasolutionthumb.jpg","contentUrl":"https:\/\/www.microsoft.com\/en-gb\/industry\/blog\/wp-content\/uploads\/sites\/22\/2020\/01\/datasolutionthumb.jpg","width":800,"height":450,"caption":"An illustration representing a data warehouse, next to an illustration of Bit the Raccoon."},{"@type":"BreadcrumbList","@id":"https:\/\/www.microsoft.com\/en-gb\/industry\/blog\/technetuk\/2022\/06\/22\/data-security-and-encryption-best-practices-for-azure\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.microsoft.com\/en-gb\/industry\/blog\/"},{"@type":"ListItem","position":2,"name":"Data security and encryption with Azure"}]},{"@type":"WebSite","@id":"https:\/\/www.microsoft.com\/en-gb\/industry\/blog\/#website","url":"https:\/\/www.microsoft.com\/en-gb\/industry\/blog\/","name":"Microsoft Industry Blogs - United Kingdom","description":"","publisher":{"@id":"https:\/\/www.microsoft.com\/en-gb\/industry\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.microsoft.com\/en-gb\/industry\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.microsoft.com\/en-gb\/industry\/blog\/#organization","name":"Microsoft Industry Blogs - United Kingdom","url":"https:\/\/www.microsoft.com\/en-gb\/industry\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.microsoft.com\/en-gb\/industry\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.microsoft.com\/en-gb\/industry\/blog\/wp-content\/uploads\/sites\/22\/2019\/08\/Microsoft-Logo.png","contentUrl":"https:\/\/www.microsoft.com\/en-gb\/industry\/blog\/wp-content\/uploads\/sites\/22\/2019\/08\/Microsoft-Logo.png","width":259,"height":194,"caption":"Microsoft Industry Blogs - United Kingdom"},"image":{"@id":"https:\/\/www.microsoft.com\/en-gb\/industry\/blog\/#\/schema\/logo\/image\/"}}]}},"_links":{"self":[{"href":"https:\/\/www.microsoft.com\/en-gb\/industry\/blog\/wp-json\/wp\/v2\/posts\/18150"}],"collection":[{"href":"https:\/\/www.microsoft.com\/en-gb\/industry\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.microsoft.com\/en-gb\/industry\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.microsoft.com\/en-gb\/industry\/blog\/wp-json\/wp\/v2\/users\/430"}],"replies":[{"embeddable":true,"href":"https:\/\/www.microsoft.com\/en-gb\/industry\/blog\/wp-json\/wp\/v2\/comments?post=18150"}],"version-history":[{"count":0,"href":"https:\/\/www.microsoft.com\/en-gb\/industry\/blog\/wp-json\/wp\/v2\/posts\/18150\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.microsoft.com\/en-gb\/industry\/blog\/wp-json\/wp\/v2\/media\/36918"}],"wp:attachment":[{"href":"https:\/\/www.microsoft.com\/en-gb\/industry\/blog\/wp-json\/wp\/v2\/media?parent=18150"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-gb\/industry\/blog\/wp-json\/wp\/v2\/categories?post=18150"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-gb\/industry\/blog\/wp-json\/wp\/v2\/post_tag?post=18150"},{"taxonomy":"content-type","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-gb\/industry\/blog\/wp-json\/wp\/v2\/content-type?post=18150"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-gb\/industry\/blog\/wp-json\/wp\/v2\/coauthors?post=18150"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}