Is it possible to encrypt data in Azure and retrieve it on a website?


I would like you to let me know if it is possible to encrypt data on hard disks (Azure), they are videos and sensitive images, I recover them via a website, but I want them are encrypted in the hard disk as a second challenge if there is an attack on my server.

Is it possible to do this and at the same time, the encrypted data will be indexed on the site and monitored?

The answer

The problem with encryption is who holds the keys. With asymmetric encryption, it is certainly possible to store encrypted files (in blob storage or elsewhere) and then decrypt them.

However, if your website can decipher them, they hold the keys. So if your website is compromised and exposes this key, then anyone can read them.

The question becomes what type of attack / server intrusion is really trying to avoid.

One approach could be 2 servers. 1 with your Web site and 1 with storage, then configure a connection between these servers so that your storage is only accessible by your first server.