Securing your data in transit
Another consideration when storing your data in Azure Storage is securing the data when it is being
transferred between the storage service and your applications.
First, you should always use the HTTPS protocol, which ensures secure communication over the public
Internet. Note that if you are using SAS, there is a query parameter that can be used that specifies that
only the HTTPS protocol can be used with that URL.
For Azure File shares, SMB 3.0 running on Windows encrypts the data going across the public Internet.
When Apple and Linux add security support to SMB 3.0, you will be able to mount file shares on those
machines and have encrypted data in transit.
Last, you can use the client-side encryption feature of the .NET and Java storage client libraries to
encrypt your data before sending it across the wire. When you retrieve the data, you can then
unencrypt it. This is built in to the storage client libraries for .NET and Java. This also counts as
encryption at rest because the data is encrypted when stored.
Do'stlaringiz bilan baham: |