Securing Blob storage access

Develop for Azure Storage

Shahzad Mian

Content developer, DataCamp

Unauthorized access

Screenshot 2025-07-10 at 8.57.56 pm.png

Develop for Azure Storage

Azure security

Azure icon with shield

  • Encryption at rest, to secure stored data
  • Encryption in transit protects data whilst it's moving.
  • Access controls, to define who can see or manage your blobs
  • Networking restrictions, to limit access based on IP ranges or private endpoints
  • Monitoring and alerts, to track suspicious behavior and take action
Develop for Azure Storage

Encryption at rest

  • Automatic encryption of data.

Encryption at rest

  • Auto encryption before its saved.
Develop for Azure Storage

Encryption in transit

  • Encryption in transit protects data on the move.
  • Azure uses Transport Layer Security (TLS) to create a secure tunnel.
  • Intercepted data appears scrambled and unreadable.
  • Protects payment details and personal information.
  • Essential for Cipher Coffee to maintain trust and compliance.

Screenshot 2025-11-12 at 3.35.32 pm.png

Develop for Azure Storage

Extra security

  • Encryption alone isn't enough.
  • Access control allows control over who can access your data.
  • Only authenticated users or apps can access.

Club security

Develop for Azure Storage

Shared Access Signatures

  • Only specific people or apps can access the data when they have the "hall pass".

People with a hall pass

Develop for Azure Storage

Access type

  • Download permissions, but not upload or delete. Uploading and deleting a file
Develop for Azure Storage

Timed access

  • Time window of access for hours or a few minutes.

Timer with 15 minutes displayed

Develop for Azure Storage

IP restrictions

IP restrictions

Develop for Azure Storage

Let's practice!

Develop for Azure Storage

Preparing Video For Download...