NMM Feature Request - Disk encryption Settings on VM Creation / Autoscale Config

Avatar
Milan Kurent

Hi, 

Some of our customers have strict policies in place in regards to resource creation in the azure subscriptions. One example is that the resources should have encryption enabled (Managed HSM) upon creation. At this point, you cannot alter any setting in regards to the vm's disk upon creation. We could implement this via script after creation, but this would mean that the policy needs to be exempted, which brings up discussions with the security team. 

Can you therefore look into being able to choose encryption settings when: 

* Adding desktop image from Azure library 
* Add session host from host pool 
* Define setting in autoscale configuration 

Thank you. 

4

Comments (3 comments)

Sort by
1
Avatar
Dave Stephenson

Security is a big topic in the industry right now.
Azure Policy is also becoming more critical to implement.
However, you're right that we don't currently support disk encryption and/or conflicts with Azure Policy.

Our team will have to look into the best way to accomplish this.
Out of curiosity, when you say "some of our customers", is that 75% of your customer or 5 or 6 customers who have the security requirements, right now?

0
Avatar
Milan Kurent

Hi Dave, 

Almost all our customers require encryption these days, but not all of them are forcing it through policy. I do think this will be more of a default anytime soon. For now we could work around it by exempting the policy, but for one particular prospect this will not be possible and we require it to have it already present during creation. 

0
Avatar
Dave Stephenson

Thanks, Milan.
We always appreciate having the extra "color" or "need" behind the requests.

Please sign in to leave a comment.