That's a great question and we've had a lot of people ask us on the Azure Security Engineering team the same thing.
Tim Rains, Chief Security Advisor, Microsoft Worldwide Cybersecurity & Data Protection, covers a number of things that we do within to help secure your data at rest.
Some of these things include:
- Physical security controls, logging, auditing, access controls, key management and others
- Azure disk encryption
- Third-party disk encryption options
- StorSimple (storage appliance)
- Client-Side Encryption for Microsoft Azure Storage
Tim goes over the details, which you can read about in his article Cloud security controls series: Encrypting Data at Rest