none
Azure File Storage - Encripting files functionality?

    Question

  • Hi all, 

    I have a very important requirement to use Azure File Storage. Data saved there has to be encripted for security purposes.

    Does anyone know if Azure File storage has the possibility to encript the data files or a file share itself?

    If it is not possible, which is the best way to achieve this other than upload the file encripted?

    Any help will be appreciated.

    Thanks a lot!

    Wednesday, October 28, 2015 9:23 AM

Answers

  • Hi

    Windows server has the EFS and bitlocker options but unfortunately neither of these are available to use with the current iteration of Azure files. If you want to encrypt them while at rest, then a third party tool will likely be the best bet.

    • Marked as answer by Marta B Thursday, October 29, 2015 10:20 AM
    Thursday, October 29, 2015 7:44 AM

All replies

  • Hi,


    Assuming you are using the "Azure Files" feature? rather than Azure Blobs, Tables or Queues?

    If so Azure files uses SMB 3.0 encryption, as detailed in this article:

    https://azure.microsoft.com/en-us/documentation/articles/storage-dotnet-how-to-use-files/

    For Blobs, Queues, and Tables there are encryption options explained here:

    https://azure.microsoft.com/en-us/documentation/articles/storage-client-side-encryption/

    Donovan

    Wednesday, October 28, 2015 10:02 AM
  • Hi Donovan, 

    thanks for the response :)

    Your assumption is ok, I'm using Azure Files, and I would like that the files I save in the share will be encrypted. I know I can encrypt them and then save to Azure, but I wonder if Azure File storage offers some utility to do this itself.

    I have read yet this article but as I understand here, it is safe to access file data across mounted shareds or via the File Storage API because of SMB 3.0 protocol.

    However what I want is the files stored in Azure File Storage can be encrypted there.

    Thanks

    Wednesday, October 28, 2015 11:37 AM
  • Hi

    Windows server has the EFS and bitlocker options but unfortunately neither of these are available to use with the current iteration of Azure files. If you want to encrypt them while at rest, then a third party tool will likely be the best bet.

    • Marked as answer by Marta B Thursday, October 29, 2015 10:20 AM
    Thursday, October 29, 2015 7:44 AM
  • Understood, 

    thanks Donovan!

    Thursday, October 29, 2015 10:26 AM
  • Its not built into Azure files, but there is no reason you couldn't use Microsoft Rights Management --

    Either the on-prem/hybrid Rights Management Server, or Azure Rights Management for cloud-controlled data protection.

    Its does a bit more than encryption but might serve for you.

    Here is a link:

    https://technet.microsoft.com/en-us/library/jj585026.aspx

    -Neil


    neilgo

    Friday, December 11, 2015 7:19 PM