In the previous chapter, we covered the first part of the Implement Authentication and Secure Data objective by covering how to implement authentication for your web apps, APIs, and more.

In this chapter, we are going to cover how to implement secure data solutions. We are going to cover how to encrypt and decrypt data at rest and in transit, how to encrypt data with Always Encrypted, how to implement Azure confidential computing and SSL/TLS communications for your data, and how to create, read, update, and delete keys, secrets, and certificates by using the Key Vault API.

The following topics will be covered in this chapter:

• Understanding data security in Azure
• Encrypting and decrypting data at rest
• Encrypting and decrypting data in transit
• Encrypting data with Always Encrypted
• Understanding Azure confidential computing
• Creating, reading, updating, and deleting keys, secrets, and certificates by using the Key Vault API