You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Windows 365 provides an end-to-end connection flow for users to do their work effectively and securely. There are three different considerations when evaluating the security of your environment:
34
+
35
+
- Securing the access to the Cloud PC
36
+
- Securing the Cloud PC device itself
37
+
- Securing the Cloud PC data and other data available while using the Cloud PC
38
+
39
+
Take a look at the sections below to better understand the components and features available to you to secure your Cloud PC environment.
34
40
35
41
## Secure Cloud PC access
36
42
37
-
The first security boundary to protect is access to the Cloud PC through the Windows 365 service.
43
+
The first consideration for securing your environment is to secure access to the Cloud PC.
44
+
45
+
As described in [identity and authentication](/windows-365/enterprise/identity-authentication#authentication), there are two authentication challenges to access the Cloud PC:
46
+
47
+
- The Windows 365 service.
48
+
- The Cloud PC.
49
+
50
+
The primary control for securing access is by using Azure Active Directory (Azure AD) Conditional Access to conditionally grant access to the Windows 365 service. To secure access to the Cloud PC, see [set conditional access policies](/windows-365/enterprise/set-conditional-access-policies).
38
51
39
52
## Secure Cloud PC devices
40
53
41
-
After securing access to Cloud PCs, the next security boundary is the Cloud PC, aka Windows device, itself.
54
+
The second consideration for securing your environment is to secure the Cloud PCdevice itself.
42
55
43
56
### Security features enabled by default
44
57
@@ -64,3 +77,15 @@ The following security components are enabled by default on specific Cloud PC SK
64
77
-**Required configuration**: Cloud PC must have 8 vCPU and 32 GB RAM. See [set up virtualization-based workloads support](nested-virtualization) for more information.
65
78
66
79
## Secure Cloud PC data
80
+
81
+
The third consideration for securing your environment is to secure the Cloud PC data and other data that is made available by using the Cloud PC.
82
+
83
+
### Security of Cloud PC data
84
+
85
+
The data of the Cloud PC data itself is secured through encryption. For more details, see [data encryption in Windows 365](/windows-365/enterprise/encryption).
86
+
87
+
### Security of data available on the Cloud PC
88
+
89
+
Securing the data available to users on their Cloud PCs should be no different than securing the data available to users on work-assigned Windows PCs, with the caveat that the Cloud PC is being accessed through Remote Desktop Protocol (RDP).
90
+
91
+
To manage RDP features available to the user during their Cloud PC connection, see [manage RDP device redirections for Cloud PCs](/windows-365/enterprise/manage-rdp-device-redirections).
0 commit comments