In this blog, we will introduce you to the new Azure disk encryption feature parameter EncryptFormatAll. It is a new feature parameter to reduce encryption times for Storage backed data disks on Linux VMs. The EncryptFormatAll support is available starting with Azure PS SDK release 5.0.0 and Azure CLI 2.0.17 releases. When the Linux Disk Encryption extension…
Year: 2017
Announcing Azure Disk Encryption Preview for Virtual Machine Scale Sets
Today, we are excited to announce the public preview of Azure Disk Encryption (ADE) for Virtual Machine Scale Sets (VMSS). With this announcement, Azure disk encryption can be enabled for Windows and Linux VM Scale Sets in Azure public regions to enable customers to help protect and safeguard the Scale Sets data at rest using…
Disabling Server Message Block Version 1 (SMB v1) in Azure
Microsoft has always considered security to be priority #1. Whether it be in the cloud, on-premises, or across hybrid deployments, security is part of our DNA and we do whatever we can to help protect our customers and our platform. This is especially true when it comes to the Azure public cloud, where Microsoft has…
Microsoft Encryption of Data-at-Rest White Paper
There are essentially 3 types of encryption you want to think about when working with a cloud service provider: Encryption at Rest Encryption in Flight (network encryption) Encryption in processing (application data encryption) Encryption at rest is about protecting data on disk. You need to make sure that an attacker who might to acquire a…
Applying updates to a encrypted Azure IaaS Red Hat VM using Yum Update
In this post, we will describe the steps you must take before you apply the updates (patch) to an already encrypted Azure IaaS Red Hat VM using yum update or newly encrypted IaaS Red Hat VM using yum update. Lets take a look at the below two scenarios: A. Deploying new encrypted IaaS Red Hat…
Deprecating Azure disk encryption preview extension for Linux IaaS VMs
The Azure Disk Encryption engineering team has deprecated the Linux security extension “Microsoft.OSTCExtension.AzureDiskEncryptionForLinux”. This extension was published for Azure disk encryption preview release. You should not use the preview version of the extension in your testing or production deployment. For deployment scenarios like Azure Resource Manager (ARM), where you have a need to deploy Azure…
Azure Network Security Whitepaper/Article Released
One of the biggest challenges we have when learning about a new cloud service provider is trying to figure out what that provider has. In fact, it’s hard even if you’re already using that cloud service provider! For example, “what does Azure have that’s related to my network security concerns?” The answers would come pretty…
Azure Logging and Auditing–Turn Chaos into Order
Azure is a big thing – so big that a lot of you tell me it’s hard to keep up. But you’re also IT pro’s, you’re used to learning new things – IT definitely isn’t the profession you chose to not learn new things. Indeed – this is the life we’ve chosen. And that’s a…
New Azure Security Whitepapers–A Security Bonanza!
They’ve been a long time coming – the Azure Security White Paper collection. This isn’t just a white paper or two. This isn’t marketing stuff and fluff. This isn’t just click-this and click-that. This is the real deal – information you can use to understand what Azure has to offer when it comes to security….
Azure TLS Certificate Changes
We know security is a top priority for you, and so is uptime of your applications. To give you additional assurance of the authenticity of Azure services, most Azure services get their SSL/TLS certificates from a known set of intermediate certificate authorities (CAs) that Microsoft operates. Microsoft publishes details of these CAs in its Certificate…