Enterprise security requires a comprehensive approach for defense in depth. The Azure Search is now capable of supporting standard encryption in each and every region and for every type of indexed data along with the added services. It has taken security to a whole new level, making it stretch all through the indexing pipeline covering the aspects of connection, transmission and the stored data in Azure Search.
Azure Search also uses user-identity access control when performing the queries. It limits the results of all the documents that a requestor is not permitted to see. The improved version of the filters has now enabled a successful integration with third-party authentication providers as well as with the Azure Active Directory.
All the newly indexed documents entail an automatic encryption on the backend with no significant impact on the indexing size. As for the existing content, re-indexing is required in order to gain encryption, and in this case, the encryption status of any given index is not visible in the portal, nor available through the API.
Managing the Security Protocols:
Azure Search provides encryption, decryption, and key management as built-in features. It is not possible to alter or substitute own keys or have a look at the encryption settings in the portal and neither can these features be turned on/off or managed. Utilizing 256-bit AES encryption, one of the most well-built block ciphers that can be found, Azure Storage Service Encryption forms the basis for this encryption.