Data disk encryption
TWSC Virtual Disk Encryption secures user data to meet the security and compliance commitments required by organizations. Used in the same way as a regular disk, the system will automatically encrypt the data on the disk using the Advanced Encryption Standard (AES-256) algorithm, except that the encryption process may slightly affect data access efficiency.
Using TWSC virtual disk encryption secures the following data:
- Data stored on the disk
- Data transferred between the disk and the VCS instance
- Backup snapshots created from a disk
- Disks created with the snapshot
How to use it?
Create an encrypted disk
- You can create an encrypted data disk on the storage page when you create a VCS instance, you can choose either HDD Encryption or SSD Encryption disk, and set the disk capacity.
- Or create an encrypted disk on the Data Disk Management page and attach it to a VCS instance.
Once created, refer to the following documents to initialize the disk and then use it.
Moving data from an old disk to an encrypted disk
If you want to upgrade a non-encrypted disk to a more secure encrypted disk, please refer to Change data disks, after creating and attaching an encrypted disk, move your data to the new disk, and then delete the old disk to complete the replacement.
Disk snapshots
Sorry, the encrypted disk snapshots feature is not available now, and will be available again when the user experience is fully optimized.
To prevent disk data from being affected by an attack to your VCS instance, refer to Disk Encryption (CentOS as an example) to set disk encryption from the OS level to doubly protect your data.