In a world where we are putting our companies data in the cloud, the protection of that data against a data breach has never been more important. In this talk I will show you how to setup and use the Microsoft Azure Key vault to protect your encryption keys and secrets like passwords and connection strings. Azure Key Vault uses the power of Hardware Security Modules (HSM's) to protect your secrets and make sure your solutions are as secure as they can be when working in regulated industries like healthcare, financial and insurance.
As well as showing you how to setup and configure the vault, I will show you how to code against it and various different patterns for security in a cloud base multi tenant environment. I will cover topics like:
- .NET / .NET Core Cryptography overview
- Setup Azure key Vault
- Authorize your application to access the vault with AzureAD
- Accessing the vault from your applications
- Using the Vault to wrap local encryption keys for performance
- Encrypting connection strings as Key Vault secrets to get flexible database routing in the cloud
- Audit logging for compliance
Once this talk is finished you will walk away with everything you need to start using Azure Key Vault today.