The only constant is change. I noticed some new information came out this month while working on a project that requires encrypting disks. This information significantly changes how Azure Disk Encryption can be applied to Windows and Linux VM’s. This is an update to my previous article on Azure Disk Encryption with the intention of outlining the new, easier method of encrypting Azure disks. Continue reading “Azure Disk Encryption, V2”
** Updated post located here**
I deployed some VM’s using both JSON and PowerShell and enabled Storage Service Encryption to encrypt data at rest. Now I want to enable Azure Disk Encryption (ADE) on these VM’s as an extra level of security. In this post I will go over enabling Azure Disk Encryption with BitLocker on Windows Server. More information on Azure Disk Encryption, including encrypting Linux can be found here.
There is a lot of information from Microsoft on configuring Disk Encryption. Most of it covered different methods, such as PowerShell or CLI and different OS versions. This post is sticking to the basics, encrypting existing Windows OS using the portal to get things started and PowerShell to do the encryption. Check out this link if you want more information on Azure Encryption options. Continue reading “Azure Disk Encryption”
As of today, Microsoft has a few different ways of encrypting Azure data. The options for Azure Data Encryption on servers include Storage Service Encryption and Azure Disk Encryption. Below is a quick summery of each.
Storage Service Encryption (SSE)
This is at the storage account level and encrypts data at rest. Encryption takes place as the data is written to storage and decrypted when it’s read. Continue reading “Azure Data Encryption”