You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: windows-365/enterprise/encryption.md
+8-9Lines changed: 8 additions & 9 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -34,19 +34,18 @@ Windows 365 encrypts data at rest and in transit as explained below.
34
34
35
35
## Encryption of data at rest
36
36
37
-
To help you protect your organization's data, Windows 365 Enterprise and Business disks are encrypted with [Azure Storage server-side encryption (SSE)](/azure/storage/common/storage-service-encryption).
37
+
To help you protect your organization's data, Windows 365 Enterprise and Business Cloud PC disks are encrypted with [Azure Storage server-side encryption (SSE)](/azure/storage/common/storage-service-encryption).
38
38
39
39
This storage layer encryption provides the following benefits:
40
40
41
-
- When persisting data to the cloud, data at rest on your Microsoft-hosted Cloud PC disks (OS and data) is automatically encrypted.
42
-
- Windows 365 disk data is encrypted transparently using 256-bit Advanced Encryption Standard (AES) encryption, a modern block cipher, and is FIPS 140-2 compliant.
43
-
- The encryption doesn't impact Cloud PC performance.
44
-
- By default, the encryption is applied to every Cloud PC in every region at no extra cost.
45
-
- All the following Windows 365 Enterprise and Business objects are automatically encrypted-at-rest with platform-managed keys (Customer-managed Keys aren't currently supported):
46
-
-Managed disks
41
+
- When persisting data to the cloud, data at rest on your Microsoft-hosted Cloud PC's disk is automatically encrypted.
42
+
- Windows 365 Cloud PC disks are encrypted transparently using 256-bit Advanced Encryption Standard (AES) encryption, a modern block cipher, and is FIPS 140-2 compliant. The encryption at this layer doesn't impact Cloud PC performance.
43
+
- The encryption is applied to every Cloud PC in every region at no extra cost.
44
+
45
+
The following Windows 365 Enterprise and Business objects are automatically encrypted-at-rest with platform-managed keys:
46
+
-Disks
47
47
- Snapshots
48
48
- Images
49
-
- Data written to existing managed disks
50
49
51
50
Windows 365 as a service treats all data stored on Windows 365 disks as customer content. For more information, see [Privacy and personal data in Windows 365](/windows-365/enterprise/privacy-personal-data).
52
51
@@ -67,4 +66,4 @@ TLS 1.2 is used for all connections started from Windows 365 to the Azure Virtua
67
66
68
67
For more information about the cryptographic modules underlying Azure managed disks, see [Cryptography API: Next Generation](/windows/desktop/seccng/cng-portal).
69
68
70
-
For more information on network connectivity and encryption in transit, see [Understanding Azure Virtual Desktop network connectivity](/azure/virtual-desktop/network-connectivity).
69
+
For more information on network connectivity and encryption of the RDP remoting connection, see [Understanding Azure Virtual Desktop network connectivity](/azure/virtual-desktop/network-connectivity).
0 commit comments