Data security and privacy are very important and in some parts of the world, also mandated by law. Data security is also one of the primary concerns that discourages organizations from moving data to the cloud. ADLS Gen2 has a robust, multi-layered security model.
Lets have a look at the six data security layers of ADLS Gen2:
- Authentication: The first layer which provides user account security. ADLS Gen2 provides three authentication modes, Azure Active Directory (AAD), Shared Access Token (SAS), Shared Key.
- Access Control: The next layer for restricting access to individual containers or files. This can be manages using Roles and Access Control Lists (ACLs)
- Network Isolation: This layer enables administrators to manage access by disabling or enabling access to only particular Virtual Private Networks (VPNs) or IP Addresses.
- Data Protection: This is achieved by always encrypting in-transit data using HTTPS. Options to encrypt stored data are also available.
- Advanced Threat Protection: If enabled, ADLS Gen2 will monitor any unauthorized attempts to access or exploit the storage account.
- Auditing: This is the sixth and final layer of security. ADLS Gen2 provides comprehensive auditing features where all account management activity is logged. These logs can be later reviewed to ensure the highest level of security.
With six layers of data protection, ADLS Gen2 provides one of the best data security models in the cloud storage market today.