Controlling Access to Azure Storage
Anonymous as access control
...
Identity Based Access - Azure Files with Azure AD DS as access control
...
Protecting Data in Azure Storage
Storage Encryption
...
Customer-Managed Encryption Keys
...
We need to make sure that the data can be retained for a lon long time and users can’t necessarily modify it or delete it.
...
Controlling Access to Azure SQL Services
SQL Authentication
...
Azure AD Authentication
To authenticate with Azure AD identities, we need to associate them with SQL logins or database users.
...
Protecting Data in Azure SQL Services
Transparent Data Encryption
...
TDE supports Bring Your Own Key (BKYOK), managed by customers. It’s called TDE Protector, just like Azure Storage Account.
...
Always Encrypted
Encrypts data within columns that we want to secure.
...