Category: Azure

Posts related to Microsoft Azure, Azure AD (Microsoft Entra)

Azure Migrate : Server Migration Overview

Azure Migrate offers a one-stop solution to migrate non-Azure infrastructure to Azure. Using Azure Migrate, you can migrate servers, databases, web applications, data, and virtual desktops from almost any environment to Azure.

Azure Migrate is not just a migration tool. It enables discovery, assessment, dependency analysis, and performance benchmarking of your infrastructure before you actually migrate it to Azure.

In this article, we focus on the server migration solution offered by Azure Migrate.

Once you finish this article, please read the next article, covering some advanced topics and enhancements related to Azure Migrate.

 

Continue reading “Azure Migrate : Server Migration Overview”

Mastering Azure Disk Encryption for Windows VMs : Everything You Need to Know

Azure provides two primary options to secure your data at rest on virtual machines:

  • Storage Service Encryption (SSE) :
    This is automatically enabled for all managed disks and encrypts data at the storage level using Microsoft-managed keys or customer-managed keys (CMK). It operates transparently and cannot be disabled.

  • Azure Disk Encryption (ADE) :
    This is an optional feature that encrypts the OS and data volumes inside the VM using technologies like BitLocker (for Windows) and DM-Crypt (for Linux). ADE provides an added layer of security by encrypting data at the OS volume level, and it allows you to manage your own encryption keys via Azure Key Vault.

In this article, we will focus on configuring Azure Disk Encryption (ADE) for Windows Virtual Machines using PowerShell.

You’ll learn how ADE works under the hood, how to set it up securely using Azure Key Vault, and how to verify and manage the encryption status of your VM disks.

Continue reading “Mastering Azure Disk Encryption for Windows VMs : Everything You Need to Know”

Azure Key Vault : Overview

Security is one of the biggest concerns for any organization, and with the advent of Cloud Computing and Hybrid Infrastructure; Security is probably the biggest concern. A breach is security and compliance can impact organizations reputation, business and it can also invoke legal issues.

One of the major aspects of security is managing credentials. Every organization needs to manage a few hundreds or thousands of credentials, which include Passwords, Encryption keys, Connection Strings, Digital Certificates, etc.

In many organizations, this sensitive information is not managed properly. Some of the examples are:

  • Passwords are not stored in a central repository and are often hard-coded within program.
  • Database connection strings are hard-coded within the program.
  • When an employee leaves the organization who knows many critical passwords and secrets, it is difficult to change those as they are not centrally managed.
  • In the case of any security incident, response time becomes higher as there is no central place to monitor and troubleshoot.
  • The auto-renew policy is not configured for digital certificates, which often leads to outages related to an expired certificate. This also spoils organizations reputation and brand value.

The goal is to store all credentials in a secure repository, from where we can manage those through a single console.

Continue reading “Azure Key Vault : Overview”