The only constant is change. I noticed some new information came out this month while working on a project that requires encrypting disks. This information significantly changes how Azure Disk Encryption can be applied to Windows and Linux VM’s. This is an update to my previous article on Azure Disk Encryption with the intention of outlining the new, easier method of encrypting Azure disks. Continue reading “Azure Disk Encryption, V2”
Tag: encryption
Variables in Azure Automation
Shared Resources in Azure Automation allow for the reuse of credentials, modules, scheduled, connections, certificates and variables. Variable assets provide a way to share values between multiple runbooks as well as between multiple jobs from the same runbook. In this post, I outline how to reference variables that are encrypted and non-encrypted in an Azure Automation runbook. Continue reading “Variables in Azure Automation”
Recover Encrypted Windows Azure VM
The number one rule in disaster recovery is to keep a copy of your resume off site. Number two is test backups and recovery. An unrecoverable backup is useless and a disaster is no time to find out something went wrong. This is a second part of a previous post on encrypting Windows hard drive in Azure. The first part is available here. In this post I will go over how to backup and recover encrypted Windows Azure VM using Recovery Services Vault. Continue reading “Recover Encrypted Windows Azure VM”
Azure Disk Encryption
** Updated post located here**
I deployed some VM’s using both JSON and PowerShell and enabled Storage Service Encryption to encrypt data at rest. Now I want to enable Azure Disk Encryption (ADE) on these VM’s as an extra level of security. In this post I will go over enabling Azure Disk Encryption with BitLocker on Windows Server. More information on Azure Disk Encryption, including encrypting Linux can be found here.
There is a lot of information from Microsoft on configuring Disk Encryption. Most of it covered different methods, such as PowerShell or CLI and different OS versions. This post is sticking to the basics, encrypting existing Windows OS using the portal to get things started and PowerShell to do the encryption. Check out this link if you want more information on Azure Encryption options. Continue reading “Azure Disk Encryption”
Azure Data Encryption
As of today, Microsoft has a few different ways of encrypting Azure data. The options for Azure Data Encryption on servers include Storage Service Encryption and Azure Disk Encryption. Below is a quick summery of each.
Storage Service Encryption (SSE)
This is at the storage account level and encrypts data at rest. Encryption takes place as the data is written to storage and decrypted when it’s read. Continue reading “Azure Data Encryption”