![]() The following table describes the BitLocker key protection chain for a given server (in this case, an Exchange Online server). The following figure illustrates an example of the BitLocker key protection chain for a given server (in this case, using an Exchange Online server). The VMK directly protects the FVEK and therefore, protecting the VMK becomes critical. Disk sectors are encrypted with a Full Volume Encryption Key (FVEK), which is encrypted with the Volume Master Key (VMK), which in turn is bound to the Trusted Platform Module (TPM) in the server. ![]() In this case, BitLocker eliminates the potential for data theft or exposure because of lost, stolen, or inappropriately decommissioned computers and disks.īitLocker is deployed with Advanced Encryption Standard (AES) 256-bit encryption on disks containing customer data in Exchange Online, SharePoint Online, and Skype for Business. ![]() BitLocker is one of the technologies used to safeguard against threats in case there are lapses in other processes or controls (e.g., access control or recycling of hardware) that could lead to someone gaining physical access to disks containing customer data. BitLocker encryption is a data protection feature that is built into Windows. Microsoft servers use BitLocker to encrypt the disk drives containing customer data at rest at the volume-level.
0 Comments
Leave a Reply. |