{"id":61832,"date":"2021-06-21T08:00:42","date_gmt":"2021-06-21T16:00:42","guid":{"rendered":"https:\/\/devblogs.microsoft.com\/devops\/?p=61832"},"modified":"2021-06-08T10:41:39","modified_gmt":"2021-06-08T18:41:39","slug":"azurefunbytes-azure-data-factory-security-with-narainabhishek","status":"publish","type":"post","link":"https:\/\/devblogs.microsoft.com\/devops\/azurefunbytes-azure-data-factory-security-with-narainabhishek\/","title":{"rendered":"AzureFunBytes &#8211; @Azure Data Factory Security with @narainabhishek"},"content":{"rendered":"<p>AzureFunBytes is a weekly opportunity to learn more about the fundamentals and foundations that make up Azure. It&#8217;s a chance for me to understand more about what people across the Azure organization do and how they do it. Every week we get together at 11 AM Pacific on <a href=\"https:\/\/cda.ms\/226\">Microsoft LearnTV<\/a> and learn more about Azure.<\/p>\n<p><img decoding=\"async\" src=\"https:\/\/res.cloudinary.com\/practicaldev\/image\/fetch\/s--Z7BxBMz1--\/c_limit%2Cf_auto%2Cfl_progressive%2Cq_66%2Cw_880\/https:\/\/dev-to-uploads.s3.amazonaws.com\/uploads\/articles\/j2xzw2g664tj31jij13t.gif\" alt=\"AzureFunBytes animation\" \/><\/p>\n<p>This is part two of our series on <a href=\"https:\/\/cda.ms\/28h\">Azure Data Factory<\/a>. <a href=\"https:\/\/dev.to\/azure\/azurefunbytes-episode-43-intro-to-azure-data-factory-with-kromerbigdata-4pa8\">Last time Mark helped get us on the road to understanding how to best get our data into the cloud<\/a> by using the linked services and tools with Azure Data Factory. Data Factory contains a series of interconnected systems that provide a complete end-to-end platform for data engineers. Utilizing our data requires some thoughtfulness when it comes to security.<\/p>\n<p>This week on AzureFunBytes, Senior Program Manager, <a href=\"https:\/\/twitter.com\/narainabhishek\">Abishek Narain<\/a> joins me to learn more about security best practices for Data Engineers.<\/p>\n<p>Our Agenda:<\/p>\n<ul>\n<li>Authentication <\/li>\n<li>Meta-data encryption (Meta-data at rest)<\/li>\n<li>Credential management <\/li>\n<li>Data in transit<\/li>\n<li>Data at rest<\/li>\n<li>Network Security<\/li>\n<li>Azure Policy integration<\/li>\n<\/ul>\n<p>With all of this in mind, we take a deeper look at how security not only impacts our applications deployed, but the data they may access and store.<\/p>\n<p><iframe title=\"AzureFunBytes Episode 44 - @Azure Data Factory Security with @narainabhishek\" width=\"500\" height=\"281\" src=\"https:\/\/www.youtube.com\/embed\/SzGyUPvE4JY?feature=oembed\" frameborder=\"0\" allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share\" referrerpolicy=\"strict-origin-when-cross-origin\" allowfullscreen><\/iframe><\/p>\n<p><a href=\"https:\/\/youtu.be\/QaqLaUS1Siw?t=286\">00:04:46 &#8211; Let&#8217;s meet Abishek<\/a><br \/>\n<a href=\"https:\/\/youtu.be\/QaqLaUS1Siw?t=553\">00:09:13 &#8211; Azure Data Factory: Best practices for data engineers<\/a><br \/>\n<a href=\"https:\/\/youtu.be\/QaqLaUS1Siw?t=889\">00:14:49 &#8211; Authentication<\/a><br \/>\n<a href=\"https:\/\/youtu.be\/QaqLaUS1Siw?t=1312\">00:21:53 &#8211; Meta-data encryption (at rest)<\/a><br \/>\n<a href=\"https:\/\/youtu.be\/QaqLaUS1Siw?t=1510\">00:25:10 &#8211; Credential management<\/a><br \/>\n<a href=\"https:\/\/youtu.be\/QaqLaUS1Siw?t=2157\">00:35:57- Data in transit &amp; data at rest<\/a><br \/>\n<a href=\"https:\/\/youtu.be\/QaqLaUS1Siw?t=2313\">00:38:33 &#8211; Network security<\/a><br \/>\n<a href=\"https:\/\/youtu.be\/QaqLaUS1Siw?t=2638\">00:43:58 &#8211; Custom RBAC roles<\/a><br \/>\n<a href=\"https:\/\/youtu.be\/QaqLaUS1Siw?t=2783\">00:46:23 &#8211; Demo Time!<\/a><\/p>\n<p>When securing your data pipeline, there are some configurations and settings suggested by Azure you should follow. You&#8217;ll want to follow this security baseline that applies guidance from the <a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/security\/benchmarks\/overview-v1\">Azure Security Benchmark version 1.0<\/a> to Azure Data Factory. You&#8217;ll also want to ensure login details to your data endpoints are protected to ensure there&#8217;s no unauthorized access due to credentials existing in the wild. There are also network security considerations that you will want to adhere to for various data stores that are accessed by Azure Data Factory, whether they are in the cloud or on-prem.<\/p>\n<hr \/>\n<p>Learn about Azure fundamentals with me!<\/p>\n<p>Live stream is available on Twitch, YouTube, and LearnTV at 11 AM PT \/ 2 PM ET Thursday. You can also find the recordings here as well:<\/p>\n<p><a href=\"https:\/\/twitch.tv\/azurefunbytes\">AzureFunBytes on Twitch<\/a><br \/>\n<a href=\"https:\/\/aka.ms\/jaygordononyoutube\">AzureFunBytes on YouTube<\/a><br \/>\n<a href=\"https:\/\/www.youtube.com\/channel\/UC-ikyViYMM69joIAv7dlMsA\">Azure DevOps YouTube Channel<\/a><br \/>\n<a href=\"https:\/\/twitter.com\/azurefunbytes\">Follow AzureFunBytes on Twitter<\/a><\/p>\n<p>Useful Docs:<\/p>\n<p><a href=\"https:\/\/cda.ms\/2b5\">AzureFunBytes Episode 43 &#8211; Intro to @Azure Data Factory with @KromerBigData<\/a><br \/>\n<a href=\"https:\/\/cda.ms\/219\">Get $200 in free Azure Credit<\/a><br \/>\n<a href=\"https:\/\/cda.ms\/243\">Microsoft Learn: Introduction to Azure fundamentals<\/a><br \/>\n<a href=\"https:\/\/cda.ms\/28d\">Azure security baseline for Azure Data Factory<\/a><br \/>\n<a href=\"https:\/\/cda.ms\/28f\">Security considerations for data movement in Azure Data Factory<\/a><br \/>\n<a href=\"https:\/\/cda.ms\/28h\">What is Data Factory?<\/a><br \/>\n<a href=\"https:\/\/cda.ms\/28j\">Data access strategies<\/a><br \/>\n<a href=\"https:\/\/cda.ms\/28k\">Azure Key Vault secrets in pipeline activities<\/a><br \/>\n<a href=\"https:\/\/cda.ms\/28m\">Azure Policy documentation<\/a><br \/>\n<a href=\"https:\/\/cda.ms\/28p\">Compute environments supported by Azure Data Factory<\/a><br \/>\n<a href=\"https:\/\/cda.ms\/28y\">Managed identity for Data Factory<\/a><br \/>\n<a href=\"https:\/\/cda.ms\/28z\">RBAC &#8211; Role Based Authentication Control<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>This is part two of our series on Azure Data Factory. Last time Mark helped get us on the road to understanding how to best get our data into the cloud by using the linked services and tools with Azure Data Factory. Data Factory contains a series of interconnected systems that provide a complete end-to-end platform for data engineers.<\/p>\n","protected":false},"author":39313,"featured_media":61833,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[224,1],"tags":[],"class_list":["post-61832","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-azure","category-devops"],"acf":[],"blog_post_summary":"<p>This is part two of our series on Azure Data Factory. Last time Mark helped get us on the road to understanding how to best get our data into the cloud by using the linked services and tools with Azure Data Factory. Data Factory contains a series of interconnected systems that provide a complete end-to-end platform for data engineers.<\/p>\n","_links":{"self":[{"href":"https:\/\/devblogs.microsoft.com\/devops\/wp-json\/wp\/v2\/posts\/61832","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/devblogs.microsoft.com\/devops\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/devblogs.microsoft.com\/devops\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/devops\/wp-json\/wp\/v2\/users\/39313"}],"replies":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/devops\/wp-json\/wp\/v2\/comments?post=61832"}],"version-history":[{"count":0,"href":"https:\/\/devblogs.microsoft.com\/devops\/wp-json\/wp\/v2\/posts\/61832\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/devops\/wp-json\/wp\/v2\/media\/61833"}],"wp:attachment":[{"href":"https:\/\/devblogs.microsoft.com\/devops\/wp-json\/wp\/v2\/media?parent=61832"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/devops\/wp-json\/wp\/v2\/categories?post=61832"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/devops\/wp-json\/wp\/v2\/tags?post=61832"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}