Using Microsoft Azure for Flexible, Secure Cloud Storage for All Your Data Needs

Overview

Pitt Information Technology offers a wealth of enterprise cloud storage options to University departments, faculty, staff, and researchers through Azure, Microsoft's enterprise cloud computing solution.


How Might You Use Azure Storage?

Azure is reliable, customizable, scalable, and redundant. It is ideal if you want to:

  • Archive Data Inexpensively: Do you have data that is infrequently accessed that you need to store for long periods of time? Secure, redundant archival storage is available through Azure.
  • Provide Shared File Storage without the Need for a Server: Store all of your data securely and redundantly in the cloud.
  • Store and Compute with Data: Take advantage of an environment with protections for data privacy, legal/regulatory, and contractual compliance.
  • Other uses for Azure...

 

Detail

Storage Options

Blob Storage

Blob storage is optimized for storing massive amounts of unstructured data. Blob storage is scalable, and you pay only for what you use. You can choose from among three storage tiers: Hot for frequently accessed data, Cool for infrequently accessed data, and Archive for rarely accessed data.

Learn more...

 

Data Lake Storage

Azure Data Lake Storage is a highly scalable and cost-effective solution for big data analytics. It allows you to easily manage massive amounts of data. It is built on Azure Blob storage, but it also adds a hierarchical namespace. The hierarchical namespace organizes objects/files into a hierarchy of directories for efficient data access.

Learn more...

 

Azure Files

Azure Files offers fully managed file shares in the cloud that are accessible via the industry-standard Server Message Block (SMB) protocol. You can mount Azure file shares concurrently on cloud or on-premises deployments of Windows, Linux, and macOS. You also can cache Azure file shares on Windows Server machines by using Azure File Sync for fast access close to where the data is used.

Learn more...

 

Storage Tiers

Azure provides different storage tiers for your data depending upon how frequently you plan to access it:

Tier

Best Use

Cost Comparison

Special Considerations

Hot

Frequently accessed data

Most expensive to store; least expensive to retrieve

 

Cold

Infrequently accessed data

Less expensive to store; slightly more expensive to retrieve

Penalties apply for data accessed before 30 days

Archival

Data that does not need to be accessed for at least six months

Least expensive to store; most expensive to retrieve

Penalties apply for data accessed before 180 days, and data retrieve could take up to 15 hours

Blob storage also provides data lifecycle management, which means you can transition blobs to a cooler storage tier (hot to cool, hot to archive, or cool to archive) to optimize for performance and cost. You can even set up policies to automatically transition data between different tiers.

Learn more…

 

Redundancy Options

Azure offers six different redundancy options: Locally redundant storage (LRS), Zone-redundant storage (ZRS), Geo-redundant storage (GRS), Read-access geo-redundant storage (RA-GRS), Geo-zone-redundant storage (GZRS), and Read-access geo-zone-redundant storage (RA-GZRS).

Learn more…

 

Sample Pricing Per TB

Storage Type

Redundancy

Access Tier

Monthly Cost per TB

Annual Cost per TB

Blob/Data Lake

LRS

Hot

Cool

Archival

$16

$9

$2

$198

$108

$26

Blob/Data Lake

ZRS

Hot

Cool

$21

$11

$248

$134

Blob/Data Lake

GRS

Hot

Cool

$33

$18

$416

$236

Azure Files

LRS

ZRS

GRS

Hot

Hot

Hot

$67

$79

$129

$804

$946

$1,545


Baseline Compliance with NIST 800-171 

The University of Pittsburgh’s Azure environment meets the stringent security requirements set forth in NIST 800-171, a standard security framework that ensures information systems and networks are set up and operated in a secure manner.

NIST 800-171 establishes key security controls that address factors such as:

  • Administrative privileges
  • Access management
  • Authentication
  • Logging and monitoring
  • Firewalls  

All data stored in the University’s Azure environment is protected by security controls that ensure strong encryption, limit unsuccessful logins, and prohibit password reuse. For example, cryptographic mechanisms protect the confidentiality of remote access sessions, and passwords are stored as one-way hashes constructed from passwords using AES256 or stronger encryption.

 

Enhanced Security for Sensitive Data

Some data, including data protected by the Health Insurance Portability and Accountability Act (HIPAA), requires security controls that go beyond those established by NIST 800-181.

If you have especially sensitive data, the University’s Azure environment can likely be customized to accommodate your specific needs. Please contact us, and we’ll follow up to discuss a solution.

 

Automated Patching

Windows Servers deployed in the Azure environment are protected by an automated patching process that ensures critical security updates are installed as soon as they become available. Automated patching frees departmental server administrators from the traditional task of managing security patches, allowing them to focus their time and expertise where it is needed most. Standardizing the patch management process is also essential to enable the University to provide cloud-based virtualization at scale.

If your department’s servers have unique patching needs (for example, if you need to test certain systems before applying the latest security patches), please contact us so that we can discuss what on-premise options might be available.

 

Get Started

Ready to take advantage of enterprise cloud storage? Contact the Technology Help Desk. We'll follow up with the information you need to get started right away. We can even help you determine what storage solutions best meet your unique needs.

Print Article

Details

Article ID: 291
Created
Tue 8/8/23 10:08 AM
Modified
Wed 8/14/24 8:26 AM

Related Articles (1)

Get started with the Pitt IT Virtual Desktop (Microsoft), which enables faculty and staff to remotely access a set software and resources.

Related Services / Offerings (1)

SERVER AND STORAGE MANAGEMENT Access to secure, reliable, and flexible cloud computing services.