articles/databox/data-box-v2-review-security.md (4 additions & 5 deletions)
@@ -1,6 +1,6 @@
1
1
---
2
-
title: Microsoft Azure Data Box V2 security overview | Microsoft Docs in data
3
-
description: Describes Azure Data Box V2 security features in the device, service, and data that resides on Data Box.
2
+
title: Microsoft Azure Data Box next gen security overview | Microsoft Docs in data
3
+
description: Describes Azure Data Box next gen security features in the device, service, and data that resides on Data Box.
4
4
services: databox
5
5
author: deeptitakyar
6
6
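Review bot: The new title and description use "next gen", while the H1 changed further down in this file uses "next generation"; pick one form of the product name and use it in all three places. The file path is still data-box-v2-review-security.md, so if the V2 name is being retired, decide whether the file should be renamed (with a redirect) in the same change.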
@@ -9,7 +9,7 @@ ms.topic: overview
9
9
ms.date: 04/13/2022
10
10
ms.author: shaas
11
11
---
12
-
# Azure Data Box V2 security and data protection
12
+
# Azure Data Box next generation security and data protection
13
13
14
14
Data Box provides a secure solution for data protection by ensuring that only authorized entities can view, modify, or delete your data. This article describes the Azure Data Box security features that help protect each of the Data Box solution components and the data stored on them.
15
15
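Review bot: ms.date stays at 04/13/2022 in the unchanged context above the renamed heading, although this commit changes the title, description, heading and the list of security features; update ms.date so the metadata reflects this revision.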
@@ -50,7 +50,7 @@ The Data Box device is protected by the following features:
50
50
- Hardware and software tampering detection that prevents further device operations.
51
51
- Built-in intrusion detection system that detects any unauthorized physical access to the devices.
52
52
- Semper Secure Flash technology integrated with a hardware Root of Trust (RoT) within the flash memory chip, ensuring firmware integrity and secure updates without hardware modifications.
53
-
- A Trusted Platform Module (TPM) that performs hardware-based, security-related functions. Specifically, the TPM manages and protects secrets and data that needs to be persisted on the device.
53
+
- A Trusted Platform Module (TPM) 2.0 that performs hardware-based, security-related functions. Specifically, the TPM manages and protects secrets and data that needs to be persisted on the device.
54
54
- Runs only Data Box-specific software.
55
55
- Boots up in a locked state.
56
56
- Controls device access via a device unlock passkey. This passkey is protected by an encryption key. You can use your own customer-managed key to protect the passkey. For more information, see [Use customer-managed keys in Azure Key Vault for Azure Data Box](data-box-customer-managed-encryption-key-portal.md).
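Review bot: In the changed TPM bullet, "A Trusted Platform Module (TPM) 2.0" places the version after the parenthetical abbreviation, which reads awkwardly; "A Trusted Platform Module (TPM) version 2.0" would be clearer. The same line keeps "data that needs to be persisted"; with the compound subject "secrets and data" this should be "that need". Because the surrounding list describes the Data Box device in general, also state whether TPM 2.0 applies to every device this article covers or only to the next generation hardware.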
@@ -66,7 +66,6 @@ A Data Box device lets you bring your own certificates and install those to be u
66
66
The data that flows in and out of Data Box is protected by the following features:
67
67
68
68
- AES 256-bit encryption for Data-at-rest. In a high-security environment, you can use software-based double encryption. For more information, see [Tutorial: Order Azure Data Box](data-box-deploy-ordered.md).
69
-
- The software based encryption is enhanced by RAID controller based hardware encryption.
70
69
- Encrypted protocols can be used for data-in-flight. We recommend that you use SMB 3.0 with encryption to protect data when you copy to it from your data servers.
71
70
- Secure erasure of data from the device once upload to Azure is complete. Data erasure is in accordance with guidelines in [Appendix A for ATA Hard Disk Drives in NIST 800-88r1 standards](https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-88r1.pdf). The data erasure event is recorded in the [order history](data-box-logs.md#download-order-history).
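Review bot: The bullet on RAID controller based hardware encryption is deleted with no replacement, so the data-at-rest item now describes only AES 256-bit encryption and optional software-based double encryption. If the next generation device no longer has that hardware encryption layer, say so explicitly or describe what replaces it, since readers use this list to assess at-rest protection; if it still applies, the line should stay. "Data-at-rest" in the retained bullet should also be lowercase to match "data-in-flight".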