You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/storage/common/storage-import-export-service.md
+5-5Lines changed: 5 additions & 5 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -5,7 +5,7 @@ author: alkohli
5
5
services: storage
6
6
ms.service: storage
7
7
ms.topic: article
8
-
ms.date: 05/07/2019
8
+
ms.date: 03/15/2020
9
9
ms.author: alkohli
10
10
ms.subservice: common
11
11
---
@@ -35,7 +35,7 @@ Import/Export service uses the following components:
35
35
-**WAImportExport tool**: This is a command-line tool that does the following:
36
36
- Prepares your disk drives that are shipped for import.
37
37
- Facilitates copying your data to the drive.
38
-
- Encrypts the data on the drive with BitLocker.
38
+
- Encrypts the data on the drive with AES 256-bit BitLocker. You can use an external key protector to protect your BitLocker key.
39
39
- Generates the drive journal files used during import creation.
40
40
- Helps identify numbers of drives needed for export jobs.
41
41
@@ -127,17 +127,17 @@ The Azure Import/Export service supports copying data to and from all Azure stor
127
127
128
128
## Security considerations
129
129
130
-
The data on the drive is encrypted using BitLocker Drive Encryption. This encryption protects your data while it is in transit.
130
+
The data on the drive is encrypted using AES 256-bit BitLocker Drive Encryption. This encryption protects your data while it is in transit.
131
131
132
132
For import jobs, drives are encrypted in two ways.
133
133
134
134
135
135
- Specify the option when using *dataset.csv* file while running the WAImportExport tool during drive preparation.
136
136
137
-
- Enable BitLocker encryption manually on the drive. Specify the encryption key in the *driveset.csv* when running WAImportExport tool command line during drive preparation.
137
+
- Enable BitLocker encryption manually on the drive. Specify the encryption key in the *driveset.csv* when running WAImportExport tool command line during drive preparation. The BitLocker encryption key can be further protected by using an external key protector (also known as the Microsoft managed key) or a customer managed key. For more information, see how to [Use a customer mananged key to protect your BitLocker key](storage-import-export-encryption-key-portal.md).
138
138
139
139
140
-
For export jobs, after your data is copied to the drives, the service encrypts the drive using BitLocker before shipping it back to you. The encryption key is provided to you via the Azure portal.
140
+
For export jobs, after your data is copied to the drives, the service encrypts the drive using BitLocker before shipping it back to you. The encryption key is provided to you via the Azure portal. The drive needs to be unlocked using the WAImporExport tool using the key.
0 commit comments