sales@smikar.com
  • Facebook
  • Twitter
  • RSS
  • Facebook
  • Twitter
  • RSS
SmiKar
  • Home
  • Chipmunk
  • Squirrel
    • Cost Calculator
    • Overview
    • AI-Powered Lifecycle Policy
    • Self Service Archiving
    • End User Restore Process
    • Contact Us
  • Software
    • SharePoint Storage Explorer
      • Install and Setup Guide
    • Cloud Storage Manager
      • Functionality Overview
      • Prerequisites
      • Installation Guide
      • Setup Guide
    • SnapShot Master
      • Installation
      • How To
      • Configuration Settings
      • How to Videos
    • Carbon
      • Installation Guide
      • Setup Guide
      • VMware Permissions
      • How To
      • Purchase Carbon
    • SnaPatch
      • FAQ
      • How To
      • Screenshots
      • Videos
      • Support
      • Settings
      • Notifications
      • System Centre Configuration Manager Settings
      • Hypervisor Settings
    • Azure VM Scheduler
      • Configuration Guide
      • How To
      • Install Guide
      • How to Videos
    • Azure VM Cloner
    • Azure VM Deployment Tool
    • Azure VM Remover
  • Blogs
  • About Us
    • Join the Squirrel Partner Network
    • Press Releases
    • Contact Us
    • EULA – End User License Agreement
    • Uninstall Instructions
    • DPISS
Select Page
Introduction to Azure Storage Service Encryption

Introduction to Azure Storage Service Encryption

by Mark | Apr 3, 2023 | Azure, Azure Blobs, Azure Disks, Azure FIles, Azure Queues, Azure Tables, Blob Storage, Cloud Storage, Cloud Storage Manager, Storage Accounts

Azure Storage Service Encryption Overview

Microsoft Azure is a leading cloud service provider that offers a wide range of storage solutions. One of its essential features is the Azure Storage Service Encryption (SSE) which helps organizations protect their data at rest. This article will dive deep into the world of Azure Storage Service Encryption, discussing various encryption types, their applications, and best practices for implementing encryption in your Azure storage accounts.

Types of Azure Storage Service Encryption

Azure Storage Service Encryption can be broadly categorized into two types: server-side encryption and client-side encryption.

Server-side Encryption

Server-side encryption refers to the process of encrypting data before it is stored on Azure’s servers. There are two primary methods for server-side encryption in Azure:

Storage Service Encryption (SSE)

SSE is the default encryption method provided by Azure for data at rest. It automatically encrypts data before it is written to the storage account and decrypts it when read. Azure uses 256-bit AES encryption, which is a strong industry-standard encryption algorithm.

Customer-managed keys (CMK)

For organizations that require more control over their encryption keys, Azure offers the option to use customer-managed keys. With CMK, you can use your own encryption keys, which are stored in Azure Key Vault, to encrypt your data. This gives you full control over key rotation and access policies.

Client-side Encryption

Client-side encryption involves encrypting data on the client (user’s device) before uploading it to Azure Storage. This ensures that the data is encrypted during transit and while at rest on the server. The encryption keys are managed by the user, ensuring complete control and enhanced security.

Azure Storage Service Encryption for Different Storage Accounts

Azure Storage Service Encryption can be applied to different types of storage accounts, including Blob Storage, File Storage, Queue Storage, and Table Storage.

Blob Storage

Blob storage is used for storing large, unstructured data such as images, videos, and documents. SSE for Azure Blob Storage encrypts block blobs, append blobs, and page blobs, ensuring data protection at rest.

File Storage

Azure File Storage is a managed file share service that can be accessed using the standard Server Message Block (SMB) protocol. Encryption for Azure File Storage is available for both SSE and CMK, protecting your files from unauthorized access.

Queue Storage

Queue storage is a service for storing large numbers of messages. Encryption for Azure Queue Storage is available through SSE, securing your message data at rest.

Table Storage

Azure Table Storage is a NoSQL data store for structured data. Azure Table Storage encryption is available through SSE, ensuring the protection of your data at rest.

Azure Storage Service Encryption Best Practices

To ensure the highest level of security for your data in Azure Storage, follow these encryption best practices:

  1. Use server-side encryption (SSE) for data at rest by default, as it is automatically enabled and managed by Azure.
  2. If you require more control over your encryption keys, opt for customer-managed keys (CMK) and store them securely in Azure Key Vault.
  3. For sensitive data or additional security, consider implementing client-side encryption before uploading data to Azure Storage.
  4. Regularly rotate your encryption keys, especially when using customer-managed keys, to minimize the risk of unauthorized access.
  5. Implement proper access controls and policies for both your storage accounts and Azure Key Vault to ensure only authorized users have access to your encrypted data.

Cost Implications of Azure Storage Service Encryption

Azure Storage Service Encryption using SSE is included in the cost of your storage account, meaning you don’t have to pay extra for this encryption method. However, if you choose to use customer-managed keys (CMK), there may be additional costs associated with the Azure Key Vault services, such as key storage, key operations, and data transfer fees.

Comparison with Other Cloud Storage Providers

Other major cloud storage providers, such as Amazon Web Services (AWS) and Google Cloud Platform (GCP), also offer similar encryption options for their storage services. Both AWS and GCP provide server-side encryption with service-managed keys and customer-managed keys, as well as client-side encryption options. The choice between Azure and its competitors should be based on factors like integration with existing infrastructure, overall cost, and specific features required by your organization.

Conclusion

Azure Storage Service Encryption is an essential feature for organizations that want to ensure the protection of their data at rest. By understanding the different encryption methods available, such as server-side and client-side encryption, and implementing best practices, organizations can achieve a high level of data security in their Azure storage accounts.

FAQs

Is Azure Storage Service Encryption enabled by default?

Yes, server-side encryption with Storage Service Encryption (SSE) is enabled by default for all new storage accounts in Azure.

What encryption algorithm does Azure use for SSE?

Azure uses the 256-bit Advanced Encryption Standard (AES) algorithm for Storage Service Encryption (SSE).

Can I use my own encryption keys with Azure Storage Service Encryption?

Yes, you can use customer-managed keys (CMK) to encrypt your data in Azure Storage. The keys are stored in Azure Key Vault.

Does Azure Storage Service Encryption also encrypt data in transit?

Azure Storage Service Encryption protects data at rest. For data in transit, Azure uses SSL/TLS encryption to secure data between clients and the storage service.

How does Azure Storage Service Encryption compare to other cloud storage providers?

Major cloud storage providers like AWS and GCP offer similar encryption options for their storage services, including server-side encryption with service-managed and customer-managed keys, as well as client-side encryption. The choice between providers depends on factors like integration with existing infrastructure, cost, and specific organizational requirements.

Additional Security Measures in Azure Storage

In addition to Azure Storage Service Encryption, there are other security measures you can implement to further protect your data in Azure Storage:

Secure transfer:

Enable secure transfer to enforce SSL/TLS encryption for all data transfer between clients and Azure Storage. This ensures that your data is protected while in transit.

Private endpoints:

Use Azure Private Endpoints to establish a private network connection between your storage account and your virtual network, isolating your data from public internet access.

Shared access signatures:

Implement shared access signatures (SAS) to provide fine-grained control over individual access to specific storage resources, limiting the permissions and duration of access.

Firewall and virtual network rules:

Set up firewall and virtual network rules to restrict access to your storage account based on IP addresses or virtual network subnets, preventing unauthorized access.

Azure Active Directory (Azure AD) integration:

Integrate your Azure storage account with Azure AD for identity-based access control, granting permissions to users and groups based on their roles.


Cloud Storage Manager Overview

Monitoring and Auditing in Azure Storage

Monitoring and auditing your Azure Storage resources is essential to maintaining a secure environment and ensuring compliance with data protection regulations. Here are some key tools and features for monitoring and auditing in Azure Storage:

Azure Monitor:

Use Azure Monitor to collect, analyze, and act on telemetry data from your storage account. This includes metrics, logs, and alerts that can help you identify and respond to security incidents.

Azure Storage Analytics:

Enable Azure Storage Analytics to collect detailed logs for your storage account, including activity logs and diagnostic logs, which can be used to analyze access patterns and identify potential security risks.

Azure Security Center:

Leverage Azure Security Center to gain a centralized view of your storage account’s security posture, including recommendations for improving security and compliance with industry standards.

Azure Policy:

Implement Azure Policy to enforce rules and compliance requirements for your storage account, ensuring consistent security configurations across your organization.

Cloud Storage Manager

Use Cloud Storage Manager to monitor the growth and usage of your Azure Storage. See growth patterns or see which storage accounts are not being used, so that you can either plan for expansion or look to reduce your Azure costs.

By combining Azure Storage Service Encryption with these additional security measures, monitoring, and auditing tools, you can build a robust and secure environment for your data in Azure Storage.

Future Trends in Azure Storage Service Encryption

As data security threats and regulatory requirements continue to evolve, Azure Storage Service Encryption will likely adapt to address these challenges. Some potential future trends in Azure Storage Service Encryption include:

Enhanced encryption algorithms:

Azure may adopt newer encryption algorithms and standards, providing even stronger protection for your data at rest.

Integration with emerging technologies:

Azure Storage Service Encryption may integrate with emerging technologies, such as quantum-safe encryption, to address potential security risks posed by advancements in computing.

Increased automation:

Future developments in Azure Storage Service Encryption may include more automated processes for key management and rotation, ensuring greater security and reducing the potential for human error.

By staying ahead of these trends, organizations can continue to benefit from the latest advancements in Azure Storage Service Encryption and maintain a high level of data security in their Azure storage accounts.

What is Azure Storage Archive?

What is Azure Storage Archive?

by Mark | Mar 9, 2023 | Azure, Azure Blobs, Storage Accounts

Azure Archive Storage

If you’re looking for a cost-effective way to store your rarely accessed data, Azure Storage Archive might be the perfect solution for you. This cloud-based storage service offered by Microsoft Azure provides an affordable and secure option for archiving data that is not frequently used, yet still requires retention for compliance reasons.

In this article, we’ll dive deep into Azure Storage Archive, discussing its features, benefits, and how it compares to other Azure storage options. We’ll also look at how to create an Azure Storage Archive, how to access and manage the archived data, and the costs associated with using this service.

How Azure Storage Archive Works

Azure Archive Storage uses a tiered storage architecture where data is automatically moved to a lower cost tier based on its access patterns. When you store data in Azure Archive Storage, it’s initially stored in a hot or cool storage tier for a specific period before it’s moved to the archive tier. This helps to optimize the cost of storage, as data that’s accessed frequently remains in the hot or cool tier, while less frequently accessed data is moved to the archive tier.

To access data stored in Azure Archive Storage, you need to initiate a retrieval request. The retrieval process may take several hours, depending on the amount of data you’re retrieving and the retrieval option you choose. Azure Archive Storage provides two retrieval options: standard and expedited. Standard retrieval is the default option and takes several hours to complete, while expedited retrieval takes minutes but is more expensive.

Benefits of Azure Storage Archive

Azure Storage Archive offers several benefits that make it an attractive option for organizations that need to retain large amounts of data for long periods of time. Some of the key benefits include:

Cost-effective:

One of the main benefits of using Azure Archive Storage is its cost-effectiveness. It’s a low-cost storage option compared to other storage tiers, making it ideal for storing rarely accessed data that doesn’t need to be immediately available. You can save up to 80% on storage costs compared to other tiers, which can be significant if you’re storing large amounts of data.

Security:

Azure Archive Storage provides several security features to protect your data. It uses server-side encryption to encrypt your data at rest, and SSL/TLS to encrypt data in transit. You can also configure network security groups to restrict access to your data, and use role-based access control (RBAC) to control who can access your data.

Compliant:

Azure Storage Archive helps organizations meet compliance requirements by providing a read-only storage option for archived data that cannot be modified.

Scalablility:

Azure Archive Storage is highly scalable, allowing you to store petabytes of data without worrying about capacity constraints. It’s built on Azure’s global infrastructure, which provides high availability and reliability. You can easily scale up or down based on your storage needs, and pay only for what you use.

Accessible:

Archived data can be accessed through the Azure portal, REST API, Azure Storage Explorer or Cloud Storage Manager, making it easy for organizations to retrieve data when needed.

Use Cases for Azure Storage Archive

Azure Storage Archive is an ideal solution for organizations that need to store large amounts of data for long periods of time, but do not need to access that data frequently. Some common use cases include:

Compliance:

Azure Archive Storage is an ideal solution for meeting regulatory compliance requirements. Many regulations require businesses to retain data for a specified period, and Azure Archive Storage makes it easy to store data for long periods without incurring high costs. You can also set retention policies to ensure that data is not deleted before the required retention period.

Backup and Disaster Recovery:

Azure Archive Storage can be used for long-term backup and disaster recovery purposes. You can store backups of your data in the archive tier, and retrieve them when needed. In case of a disaster, you can restore your data from the archive tier, which provides an additional layer of protection for your data.

Historical Data:

Organizations that need to retain historical data, such as financial records or customer information, can use Azure Storage Archive to store this data cost-effectively.

Media and Entertainment:

Digital media assets such as photos, videos, and audio files are often stored for long periods and rarely accessed. Azure Archive Storage provides a cost-effective way to store and manage these assets, allowing you to keep them for years while keeping them accessible when needed.

Healthcare data archiving

Healthcare organizations are required to retain patient data for long periods, which can be expensive if stored in higher storage tiers. Azure Archive Storage provides a cost-effective solution for healthcare organizations to store patient data for long periods without incurring high costs.

Azure Storage Price Comparison

Azure Archive Storage is priced based on storage, data retrieval, and early deletion costs.

Storage costs

The storage cost for Azure Archive Storage is $0.00099 per GB per month, which is significantly lower than other storage tiers.

Data retrieval costs

Data retrieval costs depend on the retrieval option you choose. Standard retrieval costs $0.01 per GB, while expedited retrieval costs $0.03 per GB.

Early deletion costs

If you delete data before the minimum retention period, you may incur early deletion costs. Early deletion costs for Azure Archive Storage are $0.01 per GB.

Azure Storage Tier Price per GB/month
Hot
 $0.0184
Cool
 $0.0102
Archive
 $0.001

As you can see, Azure Archive Storage is significantly cheaper than the other storage tiers, making it an attractive option for storing rarely accessed data for long periods. However, it’s important to keep in mind the access and retrieval costs associated with using Azure Archive Storage.

You can use our Azure Storage Estimator below to give you an estimate of your Azure Costs.

The Azure Storage costs provided are for illustration purposes and may not be accurate or up-to-date. Azure Storage pricing can change over time, and actual prices may vary depending on factors like region, redundancy options, and other configurations.

To get the most accurate and up-to-date Azure Storage costs, you should refer to the official Azure Storage pricing page: https://azure.microsoft.com/en-us/pricing/details/storage/

How to get started with Azure Archive Storage

To get started with Azure Archive Storage, you need to create a storage account and enable the archive tier. You can then upload your data to the archive tier using Azure Storage Explorer, Azure portal, or Azure CLI. Once your data is uploaded, you can retrieve it when needed by initiating a retrieval request.

To move Azure blobs to archive storage, you can follow these steps:

  1. Log in to your Azure portal and navigate to your Storage account where the blobs are stored.
  2. Select the container that contains the blobs you want to move to archive storage.
  3. Click on the “Blob” tab and select the blobs you want to move.
  4. Click on the “Upload” button and choose “Upload as Archive” option from the dropdown list.
  5. Specify the destination container for your archive blobs and click “Upload” to start the transfer.
  6. Wait for the transfer to complete. This process may take some time depending on the size of your blobs and your internet speed.
  7. Once the transfer is complete, your blobs will now be stored in archive storage.

Note that when blobs are moved to archive storage, they become read-only, meaning you cannot modify or delete them until they are moved back to hot or cool storage. Also, archive storage has a lower access cost compared to hot or cool storage, but a higher data retrieval cost.

Deep Scan your Azure Storage

Open Cloud Storage Manager and perform a Deep Scan of your environment.

The deep scan interogates every subscription, storage account, container and of course blob file for information.

This information besides the size and metadata will also include what storage tier your blobs reside in.


azure storage deep scan

How to move blobs to archive

Now that Cloud Storage Manager has completed a Deep Scan of your environment, browse through the Subscription, then storage account and choose the Blob View TAB.

This will show you all the blobs within the selected Storage Account or Container.

To move the blobs to the archive tier, highlight the blobs you need and then right click. (you can highlight multiple ones by holding down the Control or Shift keys)


Azure Blobs in Storage

Select the blobs to archive

Now that Cloud Storage Manager has completed a Deep Scan of your environment, browse through the Subscription, then storage account and choose the Blob View TAB.

This will show you all the blobs within the selected Storage Account or Container.

To move the blobs to the archive tier, highlight the blobs you need and then right click. (you can highlight multiple ones by holding down the Control or Shift keys)


Change Blob tier

Move blobs to archive

You can now choose what storage tier you want those blobs to go to.

Since we are talking about the Archive Tier, I chose that and clicked on OK.


Select Archive Tier

Blobs are now migrating to Azure Archive Storage

Within the ACTIVITY TAB of Cloud Storage Manager, we can see that those blobs are now moving down to the Archive Storage Tier.


Change Blob to Archive

See the Tiering of your Azure Blobs

Now I went back to the Blob View of the selected storage account, and you can see that the blobs that I asked Cloud Storage Manager to move to Archive are now indeed in the Archive Storage Tier.


blobs in archive

Accessing and Managing Archived Data

Accessing and managing archived data is also straightforward, with several options available depending on your needs. You can access archived data through the Azure portal, REST API, Azure Storage Explorer or Cloud Storage Manager, and can restore data to the cool or hot tier for faster access if needed. You can also set up lifecycle policies to automatically move data between tiers based on your organization’s retention policies.

Azure Storage Archive FAQs

FAQ Answer
How does Azure Archive Storage differ from other Azure storage tiers?
 Azure Archive Storage is designed for storing rarely accessed data for long periods at a lower cost than other storage tiers. However, it has longer retrieval times and higher retrieval costs.
What is the durability of data stored in Azure Archive Storage?
 Azure Archive Storage provides eleven 9’s (99.999999999%) durability for data stored in the archive tier.
Is Azure Archive Storage suitable for compliance purposes?
 Yes, Azure Archive Storage is an ideal solution for meeting regulatory compliance requirements, as it provides a cost-effective way to store data for long periods while complying with regulatory requirements.
Can I use Azure Archive Storage for frequently accessed data?
 No, Azure Archive Storage is designed for storing rarely accessed data for long periods and has longer retrieval times and higher retrieval costs compared to other storage tiers.
What are the limitations of using Azure Archive Storage?
 Azure Archive Storage has limitations on the number of transactions, data retrieval rate, and data retention policies. Please refer to the Azure Archive Storage documentation for more information.

Azure Storage Archive References

Reference Description
Azure Archive Storage pricing:
 https://azure.microsoft.com/en-us/pricing/details/storage/archive/
Azure Archive Storage:
 https://docs.microsoft.com/en-us/azure/storage/blobs/storage-blob-storage-tiers
Azure Archive Storage limitations:
 https://docs.microsoft.com/en-us/azure/storage/blobs/storage-blob-performance-tiers#archive-access-tier-limits-and-limitations

Azure Storage Archive Conclusion

Azure Archive Storage is a cost-effective, secure, and reliable solution for storing rarely accessed data for long periods. It provides a low-cost alternative to other storage tiers, making it ideal for compliance purposes, backup and disaster recovery, digital media archiving, and healthcare data archiving. However, it’s important to note that Azure Archive Storage has some limitations and is not suitable for frequently accessed data. If you’re looking for a cost-effective way to store rarely accessed data for long periods, Azure Archive Storage is a great option.

Azure Storage Unlocked

Please fill out the form below to get our free Ebook "Azure Storage Unlocked" emailed to you
FREE DOWNLOAD

Send download link to:

I confirm that I have read and agree to the End User License Agreement.

All Azure Storage Accounts listed by Size

All Azure Storage Accounts listed by Size

by Mark | Mar 7, 2023 | Azure, Azure Blobs, Azure FIles, Storage Accounts

Key Takeaways

Topic Insight
Storage Visibility Use Cloud Storage Manager to get a complete view of storage usage across all accounts.
Tiered Storage Move data to Hot, Cool, or Archive tiers based on how often it’s accessed.
Auto-Tiering Automate data movement between tiers to save on long-term storage costs.
Retention Policies Set automatic deletion timelines for stale data to prevent waste.
Compression Compress data to save space and reduce transfer costs.
Monitoring Regularly monitor usage to avoid unexpected overages.
Excel Exports Export reports to Excel for detailed offline analysis or audits.
Subscription Breakdown See which subscription each storage account belongs to for chargeback clarity.
Azure Advisor Use recommendations to optimize costs, security, and performance.
Security Apply access policies and encryption to protect stored data.

How big are your Storage Accounts?

In today’s digital age, managing data storage has become increasingly important, especially with the growth of cloud-based solutions. Azure Storage Accounts, a cloud-based storage solution provided by Microsoft, offer users a scalable and cost-effective way to store large amounts of data. However, as the amount of data stored in a storage account grows, it becomes crucial to manage the size of the account to optimize cost and performance.

Considering Performance Tiers: When managing Azure Storage Accounts, it’s not just about the size of the storage but also the performance tier. Standard storage is perfect for general-purpose workloads and cost savings, but for applications requiring high-speed data access, Premium storage may be necessary. Understanding the balance between storage size and performance needs can help optimize both cost and efficiency in your Azure environment.

In this article, we will explore how to view the sizes of all Azure Storage Accounts and provide best practices for managing them.

What are the benefits to knowing the size of your Azure Storage Accounts?

  1. Cost optimization: By understanding how to manage Azure Storage Account sizes, users can optimize their storage environment and reduce storage costs.
  2. Performance optimization: Users can optimize the performance of their storage environment by understanding how to select the appropriate storage tier and monitoring usage metrics.
  3. Compliance: Understanding how to view and manage Azure Storage Account sizes can help users ensure they are meeting compliance requirements for data retention and deletion.
  4. Capacity planning: By monitoring usage metrics and understanding how to manage Azure Storage Account sizes, users can better plan for future storage needs and avoid unexpected storage overages.
  5. Security: Implementing security best practices, such as configuring access policies and using encryption, can help users protect their data stored in Azure Storage Accounts.

Overall, understanding how to view and manage Azure Storage Account sizes is essential for users who want to optimize their storage environment for cost, performance, compliance, capacity planning, and security purposes.

How to view Azure Storage Account sizes

To view the sizes of your Azure Storage Accounts, you can use Cloud Storage Manager, a powerful tool that enables you to manage all aspects of your Azure Storage environment from a single interface. Here’s how to use Cloud Storage Manager  to view Azure Storage Account sizes:

Launch Cloud Storage Manager

Launch Cloud Storage Manager. From the Overview Tab, you can quickly see how much Azure Storage you are consuming, including the number of Azure Subscriptions, Storage Accounts, Containers, Blobs, Azure Files, your Azure Virtual Machines, and more.


Cloud Storage Manager Overview

Cloud Storage Manager Reports TAB

Now, since we are trying to find out just how much Azure storage we are consuming across our complete Azure Tenancy, we need to go to the Reports TAB.


CSM Reports

Cloud Storage Manager Reporting

Highlight the report named “All Storage Accounts listed by size” 

Right click this report and choose Run Report


csm run report

All Storage Accounts listed by Size Report

Cloud Storage Manager will now detail all the Storage Accounts you have in Azure, including which subscription they are in, the Storage Account name and most importantly the size.


all storage accounts listed by size

All Storage Accounts listed by Size in Microsoft Excel

As with all our Cloud Storage Manager reports on Azure Storage, you can choose to export this data to Microsoft Excel.


all storage accounts listed by size excel

Storage Account Sizes Best Practices

Best Practice Description
Use tiered storage
 Azure Storage offers hot, cool, and archive tiers for Blob storage. The hot tier is designed for frequently accessed data, the cool tier for infrequently accessed data, and the archive tier for data that is rarely accessed. By using the appropriate tier for your data based on access patterns and retention requirements, you can save costs by only paying for the storage you need.
Implement retention policies
 Setting retention policies for data that is no longer needed ensures that it is deleted automatically after a specified time period. This can help you to avoid incurring unnecessary storage costs for data that is no longer needed.
Use auto-tiering
 Azure Blob Storage’s automatic tiering feature automatically moves data to the appropriate tier based on access patterns. This means that frequently accessed data is moved to the hot tier, while infrequently accessed data is moved to the cool or archive tier, depending on the access patterns. This helps to optimize performance and cost.
Compress data
 Compressing data before storing it in Azure Storage can save space and reduce costs. Compressed data takes up less storage space and requires less bandwidth to transfer, which can reduce storage and data transfer costs.
Monitor usage
 Monitor the usage of your Azure Storage Account with Cloud Storage Manager to ensure you are not exceeding storage limits or incurring unexpected costs.
Use Azure Advisor
 Azure Advisor provides personalized recommendations for optimizing your Azure Storage Account. It can provide recommendations on cost savings, security, and performance. By following these recommendations, you can optimize your storage account for your specific use case.
Follow security best practices
 Implementing security best practices is important to ensure that your data is protected. This includes configuring access policies, using encryption, and implementing other security measures to protect against unauthorized access.

Conclusion

Managing Azure Storage Account sizes is essential for optimizing cost, performance, and scalability. By using Cloud Storage Manager and following best practices, you can ensure that your Azure Storage environment is optimized for your specific use case. With Cloud Storage Manager, you can easily view and manage the size of your Storage Accounts, making it simple to optimize storage usage and reduce costs. Start managing your Azure Storage Account sizes today and enjoy a more efficient and cost-effective storage environment.

Azure Storage Unlocked

Please fill out the form below to get our free Ebook "Azure Storage Unlocked" emailed to you
FREE DOWNLOAD

Send download link to:

I confirm that I have read and agree to the End User License Agreement.

 

Frequently Asked Questions (FAQs)

1. Why is it important to track Azure Storage Account sizes?
Storage costs can grow quickly in Azure. Tracking account sizes helps avoid bill surprises, identify unused storage, and improve overall efficiency.

2. How do I find out which storage accounts are using the most space?
Use Cloud Storage Manager’s “All Storage Accounts Listed by Size” report to see usage by account, subscription, and container.

3. What types of Azure storage are included in this report?
The tool reports on Blob storage, Azure Files, and associated container usage across all subscriptions you connect.

4. Can I export Azure storage size data for reporting?
Yes. Cloud Storage Manager allows exporting any report—including storage size breakdowns—to Microsoft Excel.

5. Does Azure provide native reports like this?
Not with the same depth or usability. Azure Portal provides limited views, but Cloud Storage Manager gives detailed, actionable insights.

6. What is Azure’s tiered storage model?
Azure offers Hot, Cool, and Archive tiers for Blob storage. The Hot tier is for frequent access, while Cool and Archive are for less frequent access at lower costs.

7. How does auto-tiering work in Azure?
Auto-tiering automatically moves blobs between tiers based on access patterns—ensuring you only pay for what you need.

8. Are there security considerations when managing storage?
Yes. Always configure access controls, enable encryption at rest and in transit, and audit storage regularly for unusual access patterns.

9. How can I reduce my Azure storage bill?
Use tiered storage, delete old data using retention policies, compress files, and use tools like Cloud Storage Manager to spot inefficiencies.

10. Is Cloud Storage Manager a Microsoft tool?
No. It’s a SmiKar Software tool designed to give deeper insights and control over your Azure storage than native Microsoft solutions. It is also completely FREE to use.

How to Recover a Deleted Storage Account

How to Recover a Deleted Storage Account

by Mark | Mar 7, 2023 | Azure, Storage Accounts

Deleted Azure Storage Account Recovery

As a cloud administrator or developer, you may have accidentally deleted a storage account containing critical data. Losing important information can be a frustrating and costly experience. Fortunately, Azure provides several ways to recover a deleted storage account. In this article, we will discuss the steps involved in recovering a deleted storage account in Azure.

Azure Storage Accounts provide a reliable and scalable solution for storing unstructured data in the cloud. A storage account is a logical container for data objects such as blobs, files, tables, and queues. Accidental deletion of a storage account can result in the loss of critical data, which can have severe consequences for businesses. In this article, we will explore the steps involved in recovering a deleted storage account in Azure.

Understanding Azure Storage Accounts

Azure Storage Accounts are the basic building blocks for storing data in Azure. There are four types of storage accounts in Azure: General-purpose v2 storage accounts, General-purpose v1 storage accounts, Blob storage accounts, and Premium performance v2 storage accounts. Each storage account has a unique name that is used to access its data objects. Azure storage accounts provide several features, such as data replication, scalability, and security.

  • General-purpose v2 storage accounts
  • General-purpose v1 storage accounts
  • Blob storage accounts
  • Premium performance v2 storage accounts

Each storage account has a unique name that is used to access its data objects. Azure storage accounts provide several features, such as data replication, scalability, and security.

Reasons for Deleting a Storage Account

There can be various reasons for deleting a storage account in Azure, such as:

  • The storage account is no longer required.
  • The storage account is not compliant with organizational policies.
  • The storage account contains sensitive data that needs to be deleted.
  • Accidental deletion by a user.

Regardless of the reason, it is important to have a plan in place for recovering a deleted storage account in case of accidental deletion.

Steps to Recover a Deleted Storage Account

Azure provides a mechanism to recover a deleted storage account within a specified time frame. The recovery period for a storage account is determined by the type of storage account and the subscription type. Here are the steps to recover a deleted storage account:

Step 1: Check the Recovery Period

The first step in recovering a deleted storage account is to check if the recovery period has not expired. Azure provides a default recovery period of 14 days for all types of storage accounts. The recovery period can be extended up to 90 days for general-purpose v2 storage accounts and up to 365 days for blob storage accounts. To check the recovery period for a storage account, follow these steps:

  1. Log in to the Azure portal.
  2. Click on the Storage accounts menu item in the left-hand pane.
  3. Click on the Deleted accounts tab to view the list of deleted storage accounts.
  4. Check the status of the deleted storage account. If the status is “deleted,” the storage account can be recovered.
  5. Check the recovery period for the storage account. If the recovery period has not expired, the storage account can be recovered.

Step 2: Restore the Storage Account

The second step in recovering a deleted storage account is to restore the account. To restore a deleted storage account, follow these steps:

  1. Select the deleted storage account from the list of deleted accounts.
  2. Click on the Restore button at the top of the page.
  3. In the Restore Account pane, review the details of the storage account, such as the account name, type, and location.
  4. Click on the Restore button to start the recovery process.
  5. The restored storage account will appear in the list of storage accounts once the recovery process is complete.

Alternative Method to Recover a Deleted Storage Account

If the recovery period has expired, or if the storage account cannot be recovered using the previous method, there is an alternative method to recover the account. This method involves contacting Azure support to recover the account. To recover a deleted storage account using Azure support, follow these steps:

  1. Log in to the Azure portal.
  2. Click on the Help + support menu item in the left-hand pane.
  3. Click on the New support request button at the top of the page.
  4. In the Basics tab, select the subscription that contains the deleted storage account.
  5. In the Issue type tab, select “Storage accounts” and “Recover deleted storage account.”
  6. Fill out the details of the support request, such as the deleted storage account name and the reason for the recovery request.
  7. Submit the support request.

Azure support will review the support request and initiate the recovery process. The recovery process may take several hours to complete.

Best Practices to Avoid Accidental Deletion of Storage Accounts

Accidental deletion of a storage account can be avoided by following these best practices:

  • Use role-based access control (RBAC) to restrict access to storage accounts.
  • Use resource locks to prevent accidental deletion of storage accounts.
  • Use Azure Backup to create regular backups of storage accounts.
  • Use Azure Resource Manager templates to deploy storage accounts with predefined configurations.

Azure Storage Account Deletion RABC

To prevent accidental deletion of storage accounts using Role Based Access Controls, here are some guiding principles;

Prevention Method Description Example
Role-based access control (RBAC)
 Assign appropriate access roles to users and groups to limit their permissions on the storage account. Assign a user with the “Contributor” role instead of “Owner” to restrict their ability to delete the storage account.
Resource locks
 Use locks to block users from deleting a resource, even if they have the necessary permissions. Apply a “CanNotDelete” lock on the storage account to prevent accidental deletion.

It’s important to note that RBAC can be used not only to prevent accidental deletion, but also to restrict other types of operations on the storage account, such as reading or modifying data. Resource locks are specifically designed to prevent deletion and can be applied at the resource group or resource level.

Here’s a table that of the different RBAC roles and their permissions in Azure:

RBAC Role Description Permissions
Owner
 Has full access to all resources and can manage access to resources Can create, read, update, and delete all resources and assign access to others
Contributor
 Can create and manage all types of resources but cannot grant access to others Can create, read, update, and delete all resources, but cannot assign access to others
Reader
 Can view existing resources but cannot make any changes Can only read existing resources
User Access Administrator
 Can manage user access to Azure resources Can assign roles to users and groups to control access to resources
Security Administrator
 Can manage security-related operations Can manage security-related resources like security center, key vaults, and Azure AD security solutions
Network Contributor
 Can manage network-related resources like virtual networks, network security groups, and IP addresses Can create and manage network-related resources

And here’s a table that explains the different types of resource locks in Azure:

Resource Lock Type Description
CanNotDelete
 Prevents the deletion of a resource or resource group
ReadOnly
 Prevents any modification of a resource, but allows for reading
DoNotDelete
 Similar to CanNotDelete, but also prevents the deletion of any child resources
ReadOnlyWithCanNotDelete
 Combination of ReadOnly and CanNotDelete

Azure Storage Account Deletion FAQs

Question Answer
What is a storage account in Azure?
 A storage account in Azure is a secure and scalable cloud storage solution for data objects, such as blobs, files, queues, tables, and disks.
How do I create a storage account in Azure?
 To create a storage account in Azure, log in to the Azure portal, select “Create a resource,” search for “Storage account,” and follow the prompts to configure the storage account.
How do I access my storage account in Azure?
 You can access your storage account in Azure using the Azure portal, Azure Storage Explorer, Azure PowerShell, or Azure CLI.
What is the recovery period for a deleted storage account in Azure?
 The recovery period for a deleted storage account in Azure is between 0 and 14 days, depending on the type of storage account.
How do I recover a deleted storage account?
 You can recover a deleted storage account in Azure by using the recovery period or by contacting Azure support. To use the recovery period, go to the deleted storage account and select “Recover.” To recover a storage account using Azure support, log in to the Azure portal and submit a support request.
How do I recover a deleted container in Azure storage?
 You can recover a deleted container in Azure storage by using the Azure portal or the Azure Storage Explorer. To recover a container in the Azure portal, go to the deleted container and select “Undelete.” To recover a container in the Azure Storage Explorer, right-click on the deleted container and select “Undelete.”
What is soft delete in storage account?
 Soft delete is a feature in Azure storage accounts that allows deleted data to be retained for a specific period of time. During this time, the data can be recovered in case of accidental deletion. Soft delete can be enabled for blob storage accounts and file storage accounts.
What is the purpose of soft delete?
 The purpose of soft delete is to prevent accidental data loss and to provide an option for data recovery in case of accidental deletion. Soft delete also allows users to comply with retention policies and legal requirements for data retention.

Azure Storage Account Recovery Periods

Storage Account Type Default Recovery Period Maximum Recovery Period
General-purpose v2
 14 days 90 days
General-purpose v1
 14 days Not applicable
Blob storage
 14 days 365 days
Premium performance v2
 14 days Not applicable

Note that the maximum recovery period can only be extended for certain types of storage accounts. It’s important to check the recovery period for a deleted storage account before attempting to recover it.

Azure Storage Account Deletion Further Reading

If you would like to know more about Storage Accounts, visit these sites.

Description Link
Microsoft documentation on recovering a deleted storage account
 https://docs.microsoft.com/en-us/azure/storage/common/storage-account-recovery
Microsoft documentation on soft delete for Azure Storage
 https://docs.microsoft.com/en-us/azure/storage/blobs/storage-blob-soft-delete
Microsoft documentation on Azure Storage Explorer
 https://docs.microsoft.com/en-us/azure/storage/common/storage-explorer
Microsoft documentation on Azure PowerShell
 https://docs.microsoft.com/en-us/powershell/azure/overview
Azure Storage Cost Optimisation Tool
 https://www.smikar.com/cloud-storage-manager/

Azure Storage Account Deletion Conclusion

Recovering a deleted storage account in Azure can be a challenging and time-consuming task, but it is essential to avoid data loss. Azure provides several mechanisms to recover a deleted storage account, such as the recovery period and Azure support. It is important to follow best practices to avoid accidental deletion of storage accounts and ensure the safety and security of data stored in Azure.

Azure Storage Unlocked

Please fill out the form below to get our free Ebook "Azure Storage Unlocked" emailed to you
FREE DOWNLOAD

Send download link to:

I confirm that I have read and agree to the End User License Agreement.

  • Facebook
  • Twitter
  • RSS

Cut Your SharePoint Costs with Squirrel!

Automatically archive documents to Azure Blob Storage and save big.

Explore Squirrel Now!

CLICK HERE