Sign in / up

back to article Microsoft announces Azure Functions, encrypted cloud storage

Day two of Microsoft's Build conference was focused on Azure, the company's cloud platform, with new features announced and preview features moving to general availability. Top of the list is Azure Functions, a new service which lets you write code that runs in response to various triggers, such as an HTTP request, a file …

COMMENTS

Post your comment
House rules Send corrections
Add to 'My topics' unstar *
  1. Anonymous Coward
    Windows

    MSFT stock is going to the moon!

    The company has totally got its mojo back under Satya.

    2 1 Reply
    1. Halfmad
      Reply Icon

      Re: MSFT stock is going to the moon!

      I'm hopeful things will improve but let's face it after Balmer he didn't really have to try hard. Whilst suspicious of their Linux work, I'm slowly starting to think that just maybe MS are pulling their heads out of their behinds.

      1 0 Reply
  2. beavershoes

    Microsoft Always Keeps Copies of the Keys

    Microsoft is in bed with governments and has always kept copies of encryption keys. Microsoft likes to turn them over to governments for favors in return. Microsoft is all about the money. Best to just avoid everything Microsoft.

    1 7 Reply
  3. tom dial Silver badge

    The keys

    If the encryption is done using a key that I alone have, I might be interested. If not, it is nothing but empty and useless marketingspeak.

    0 0 Reply
    1. Bogle
      Reply Icon

      Re: The keys

      Azure has HSMs (hardware security modules) that are part of Azure Key Vault so yes, you can secure your keys now. Not used them myself so other than pointing at the tech I can't comment.

      1 0 Reply
    2. Anonymous Coward
      Reply Icon
      Anonymous Coward

      Re: The keys

      It would appear it uses Key Vault, which is a Thales FIPS 140-2 Level 2 certified hardware HSM-backed key storage and cryptography mechanism. You can certainly upload your keys to Key Vault, and do it very securely using HSM to HSM transfer from your private network. I BELIEVE (do NOT take this as gospel truth - you're on your own here!) that by using this HSM module, Microsoft themselves do not have access to your keys - the key never leaves the HSM box and is not able to be exported from there by anyone. The HSM box therefore handles the necessary encryption tasks.

      It's also possible for you to encrypt the keys you put in there yourself, although I'm not sure how well that would play with the built-in encryption at rest scenario.

      See http://tomkerkhove.ghost.io/2015/07/22/securing-sensitive-data-with-azure-key-vault/ for some more details and links

      2 0 Reply

POST COMMENT House rules

Not a member of The Register? Create a new account here.

Forgotten password ?

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like