• 1 min read

Disaster recovery of Azure disk encryption (V2) enabled virtual machines

Choosing Azure for your applications and services allows you take advantage of a wide array of security tools and capabilities. These tools and capabilities help make it possible to create secure solutions on Azure.

Choosing Azure for your applications and services allows you take advantage of a wide array of security tools and capabilities. These tools and capabilities help make it possible to create secure solutions on Azure. Among these capabilities is Azure disk encryption, designed to help protect and safeguard your data to meet your organizational security and compliance commitments. It uses the industry standard BitLocker Drive Encryption for Windows and DM-Crypt for Linux to provide volume encryption for OS and data disks. The solution is integrated with Azure Key Vault to help you control and manage disk encryption keys and secrets, and ensures that all data on virtual machine (VM) disks are encrypted both in-transit and at rest while in Azure Storage.

Beyond securing your applications, it is important to have a disaster recovery plan in place to keep your mission critical applications up and running when planned and unplanned outages occur. Azure Site Recovery helps orchestrate replication, failover, and recovery of applications running on Azure Virtual Machines so that they are available from a secondary region if you have any outages in the primary region.

Azure Site Recovery now supports disaster recovery of Azure disk encryption (V2) enabled virtual machines without Azure Active Directory application. While enabling replication of your VM for disaster recovery, all the required disk encryption keys and secrets are copied from the source region to the target region in the user context. If the user managing disaster recovery does not have the appropriate permissions, the user can hand over the ready-to-use script to the security administrator to copy the keys and secrets and proceed with configuration.

Configure disaster recovery for Azure disk encryption (V2) enabled virtual machines

This feature currently supports only Windows VMs using managed disks. The support for Linux VMs using managed disks will be available in the coming weeks. This feature is available in all Azure regions where Azure Site Recovery is available. Configure disaster recovery for Azure disk encryption enabled virtual machines using Azure Site Recovery today and become both secure and protected from outages.