Announcing Default Encryption for Azure Blobs, Files, Table and Queue Storage

Community Manager

For most customers, security is not only of the utmost importance but also a deciding factor in choosing a public cloud provider. Customers require their data to be encrypted at rest as per their security and compliance needs. We at Azure Storage take security and privacy seriously and work tirelessly to help protect your data. Azure customers already benefit from Storage Service Encryption (SSE) for Azure Blob and File storage using Microsoft Managed Keys or Customer Managed keys for Azure Blob storage.


Central to our strategy in ensuring protection of our customer’s data, we are taking security a step further, by enabling encryption by default using Microsoft Managed Keys for all data written to Azure services (Blob, File, Table and Queue storage), for all storage accounts (Azure Resource Manager and Classic storage accounts), both new and existing. SSE for managed disks, including import scenario, will also be supported. To learn more, visit the managed disks & SSE FAQ.




Read about it in the Azure blog.

1 Reply
Does this apply to backup storage too?? I created some today (haven't uploaded anything yet) and chose encryption at rest/source/Azure.