Category: Key vault

Tips and tricks on Securing your Data factory

Why? Like we all know Identity is a hot topic after the MFA fatigue methods or discovering and attacking our resources as external or internal entities but the often overlooked aspect of security is inside the data layer. You could…

Continue Reading Tips and tricks on Securing your Data factory

Do’s and don’ts concerning security for Identity part 8

Continuing from last post with the same topic but now from the negative side of things. What could go wrong if you don’t do it right. This post will assume that you are still having on-premises AD with ADCS and…

Continue Reading Do’s and don’ts concerning security for Identity part 8

What is Azure Key Vault Managed HSM, how to install and eventually remove (if needed)

Managed HSM Key auto-rotation is generally available First the happy news! Key auto-rotation is also generally available for Managed HSM! Earlier this year it came to Key Vault already! Read more here about the Key vault auto-rotation feature and how…

Continue Reading What is Azure Key Vault Managed HSM, how to install and eventually remove (if needed)

How to use Azure Key Vault with managed identities and generating keys with auto-rotation

Data-planes First you have to understand the different URLs that you can use for different types of resources Resource type Key protection methods Data-plane endpoint base URL Vaults Software-protected and HSM-protected (with Premium SKU) https://{vault-name}.vault.azure.net Managed HSMs HSM-protected https://{hsm-name}.managedhsm.azure.net When…

Continue Reading How to use Azure Key Vault with managed identities and generating keys with auto-rotation

Section 6 – Design security for infrastructure – Design a strategy for securing SaaS, PaaS, and IaaS services

Time for the next section to my SC-100 study guide: Specify security baselines for SaaS, PaaS, and IaaS services Specify security requirements for IoT workloads Specify security requirements for data workloads, including SQL, Azure SQL Database, Azure Synapse and Azure…

Continue Reading Section 6 – Design security for infrastructure – Design a strategy for securing SaaS, PaaS, and IaaS services

Section 5 – Design security for infrastructure – Design a strategy for securing server and client endpoints

Wednesday is here and time for the next post to my SC-100 exam cram. NOTE: includes hybrid and multi-cloud Specify security baselines for server and client endpoints Specify security requirements for servers, including multiple platforms and operating systems Specify security…

Continue Reading Section 5 – Design security for infrastructure – Design a strategy for securing server and client endpoints

Section 15 – Secure data and applications – Configure and manage Azure Key Vault

And here goes the last section in my AZ-500 study guide, the end is coming with: Create and configure Key Vault Configure access to Key Vault Manage certificates, secrets, and keys Configure key rotation Configure Backup and recovery of certificates,…

Continue Reading Section 15 – Secure data and applications – Configure and manage Azure Key Vault