Computomatics: On-premises Azure Services as Azure Stack

Posted by Nilay Parikh and last modified on Tue Jun 12, 2018.

Microsoft has recently released Azure Stack TP3. I was fascinated by the sheer scale of cloud migration in last three year. The big question is,

1 What about existing data centers? – computonomics of underutilised computing power! 2 Retrospective inclusion of limitation?


Guide: Secure Data by Payload Encryption or Client-side Encryption in Public Cloud Services (Azure or AWS)

Posted by Nilay Parikh and last modified on Tue Jun 12, 2018.

Client-side encryption is an engineering pattern provides granular control over content encryption. The pattern handle secrets, all encryption and decryption, all of the key or secretes management functions and the server (or storage) cannot decrypt or read the payload data. The pattern is also known as Payload Encryption.


Personal: The Journey

Posted by Nilay Parikh and last modified on Tue Jun 12, 2018.

Blogging as private technology citizen is a new experience for me, I would try to aggregate my previous contribution to company blogs, posts, articles and journals under one domain. Last 18 years were a true rollercoaster ride, from C++ programmer to Azure and Linux directory permissions to ACLs.


Best Practice: Client-side encryption with Azure Storage Services

Posted by Nilay Parikh and last modified on Tue Jun 12, 2018.

Client-side encryption with Azure Storage Service improves data protection ranking. Zero-Knowledge Environment is a good risk mitigation strategy in absent of network or storage level isolation. Payload encryption or client-side encryption can help to achieve both.


Cloud Configuration: How to enable Azure Disk Encryption

Posted by Nilay Parikh and last modified on Tue Jun 12, 2018.

Azure Disk Encryption helps to secure privacy and sovereignty of the data on VM or disks. The feature encrypts Windows and Linux IaaS Virtual Machine Disks, it applies BitLocker feature for Windows IaaS and DM-Crypt feature of Linux IaaS.

The feature would integrate with Azure Key Vault where it manages the disk encryption keys and secrets. Azure Disk Encryption encrypt all data on the Virtual Machine Disks are Encrypted at Rest. The Feature is necessary for satisfying many compliance guidelines, and it improves organisation data security.


Guide: Protecting Data at Rest in Cloud – Microsoft Azure

Posted by Nilay Parikh and last modified on Tue Jun 12, 2018.

Data at Rest is the state of data where the Data is stored on a physical disk, logical disk, tape, or any other equivalent persistence mechanism.

Data at Rest in Cloud with Risks and Countermeasures

As discussed earlier in series, let’s go from Security to Compliance. So as a first step, we need to evaluate the risks, and then we would discuss the countermeasures available in Microsoft Azure.

The following is STRIDE - Threat Model and Countermeasures those applies to Data Protection, for detail understanding of individual countermeasures and risk please refer to OWASP Threat Modelling - STRIDE .


Guide: Data Protection in Cloud – Azure and AWS

Posted by Nilay Parikh and last modified on Tue Jun 12, 2018.

What is data security? – the question that has evolving and incremental answers since we started asking during the late 1980s.

Data security refers to protective digital privacy measures that are applied to prevent unauthorised access to computers, databases and websites. Data security also protects data from corruption. Data security is an essential aspect of IT for organisations of every size and type.

Source: Definition from Techopedia