Azure Native Qumulo Scalable File Storage Security Practices

This white paper provides a comprehensive examination of the security architecture and features of the Azure Native Qumulo (ANQ) service. It outlines the unique aspects of ANQ's infrastructure, emphasizing that customer data does not share resources with other Qumulo customers, enhancing security through isolation. The document details the use of Azure’s VNet Injection Technology for secure connectivity, ensuring that data access is restricted to authorized protocols and APIs. It describes the limited and monitored access by operators, which is recorded in an immutable audit log. The paper further explains the service architecture, highlighting the separation of control and data planes, and the implementation of security best practices such as the Principle of Least Privilege. Additionally, it covers Qumulo Core's built-in security features, including data protection, encryption, and integration with Active Directory for identity management. Compliance with regulatory standards like HIPAA and GDPR is also addressed, ensuring that the service meets necessary security requirements.