agree, good explanation, kudos Naveed!

Great Video with good explainations Naveed!

in Security point of view which Encryption is better SSE or Azure Disk Encryption, which one is more secure and how it is more secure.

Thanks Naveed. Great video. Do we know if we can use SSE + CMK and add Azure Disk Encryption on top of that ?

@AzurePowerLunch

4 жыл бұрын

You do not need Azure Disk Encryption if you have SSE+CMK.

@dips31089

4 жыл бұрын

@@AzurePowerLunch Thank you for the response. I did find this mentioned in the Unsupported scenarios for ADE - "Applying ADE to a VM that has a data disk encrypted with server-side encryption with customer-managed keys (SSE + CMK), or applying SSE + CMK to a data disk on a VM encrypted with ADE." That being said, SSE still happens at the Storage Account level, not at the OS level. So wouldn't ADE be considered a stronger encryption as compared to SSE + CMK ?

@shauncroucher

3 жыл бұрын

@@AzurePowerLunch This is not quite true. ADE provides end-to-end encryption so in the event that the VHD is exported\downloaded from the subscription it would be unreadable. SSE+CMK does not provide that guest-level encryption and the VHD would be readable outside of Azure as the disks would be decrypted at time of export.

Cloud admin view the data right they having customer key

Need quick help, Thanks a ton in advance. Can we apply SSE with CMK through ARM template ? If so, how ?

@AzurePowerLunch

3 жыл бұрын

Yes you can. Have you looked at this link: www.appliedis.com/azure-vm-disk-encryption-using-deployment-scripts-in-arm-templates/

@ChaitanyaKumar28

3 жыл бұрын

@@AzurePowerLunch yes I saw that and got helped. Thanks a ton :)