Azure Storage is Microsoft’s cloud storage alternative for data storage scenarios. It offers secure storage that is highly scalable and available and can be used for several data objects in the cloud. Data objects stored in Azure Storage are accessible from anywhere worldwide through HTTP or HTTPS connections. It also offers client libraries for developers creating applications with C++, JavaScript, and a few other languages.  Azure Managed Service provider offers all in all services and solutions related to Azure.  

  

FEATURES AND BENEFITS OF AZURE STORAGE  

DURABILITY OWING TO HIGH AVAILABILITY: With Azure Storage, you need not worry about temporary hardware failures. Data remains safe owing to redundancy. Users can also opt to replicate data across different centers or geographical regions for extra protection in the face of a local catastrophe or a natural disaster. This way, the replicated data remains available even if there is an unexpected outage.   

SCALABILITY: Azure Storage is designed to meet the peak demands of storage and performance needed in modern applications. Data is automatically load-balanced to meet these requirements.   

SECURITY: Data stored in Azure Storage is encrypted by default; users have control over granting access, which is facilitated through the use of a shared access signature (SAS).   

ACCESSIBILITY: As mentioned earlier, data stored in Azure Storage can be accessed from anywhere in the world via HTTP and HTTPS connections. Not only is that but a range of languages also supported.   

AZURE STORAGE SERVICES  

Let us do a review of the various services that come under Azure Storage.  

AZURE BLOB STORAGE (Azure Blobs): Azure Blob storage is essential for unstructured data such as videos, pictures, files and documents etc., along with the meta-data. They are stored in a structure which resembles a directory, called a ‘container’. Any number of files up to a size of 500 TB can be stored in a blob. There are three varieties of blobs in Azure Blob Storage- block blobs, page blobs and append blobs. Block blobs are useful for the storage of documents, images and video files. Append blobs can be used for append operations like logging, though they are similar to block blobs. Page blobs are used in Azure VMs for the storage of operating systems. Azure Blobs are ideal for the following:  

  • Storing files for distributed access
  • Uploading images or documents directly to a browser
  • Streaming audio and video
  • Storing for backup and recovery
  • Storing for analysis by an on-premises device.

  

  1. AZURE FILE STORAGE (Azure Files): This is meant for legacy applications and offers file shares in the cloud. 

  

  1. AZURE QUEUE STORAGE (Azure Queues): Azure Queue Storage is used to exchange messages between different components in the cloud or on-site devices. A large number of messages can be shared between components and communicated through HTTPS or HTTPS. 

  

  1. AZURE TABLE STORAGE (Azure Tables): As the name suggests, Azure Table Storage is preferred for tabular data, which is ideal for key-value data storage. Table storage is extremely scalable and easy to use. It is now a part of Azure Cosmos DB. 

  

  1. AZURE DISK STORAGE (Azure Disks): Azure Disk Storage allows data to be continuously stored and accessed from a virtual hard disk. These disks are stored in the form of page blobs

  

GAINING ACCESS TO AZURE STORAGE ACCOUNTS  

Every request made to use Azure storage must be authorized. The following methods of authorization are supported by Azure Storage. 

  

Authorization with shared key: Azure blob, files, queue and table services support authorization with a Shared Key. Any user with Shared Key authorization passes a header each time a request is made to access the storage.   

Authorization using shared access signatures (SAS): SAS is a string containing a security code that can be appended for storage resource access. This token or code includes constraints such as permissions and the access interval.   

Active directory integration for blob, queue and table data: This is supported by Azure Storage for the blob and queue services through role-based access control. Authorizing requests with Azure AD is preferred for greater security and easy use.   

  

DATA ENCRYPTION IN AZURE STORAGE  

There are two types of encryptions available in Azure Storage:   

Client-side encryption: Azure Storage client libraries have methods available for encrypting data from the library before it is sent across the wire and the response is decrypted. Data encrypted in this way is also encrypted at rest— the second type of encryption.   

Encryption at rest: Azure Storage protects data to meet the organizational compliance standards. It automatically encrypts all data before decryption for retrieval. Encryption decryption and key management are processes which are transparent to users.