![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(156.8, 40%, 25%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EVH%3C/text%3E%3C/svg%3E)
Azure Data Box
A family of appliances and solutions for offline data transfer to Azure.
39 questions
@Vic Hindocha Welcome to Microsoft Q&A Forum, Thank you for posting your query here!
The Data Box disks are encrypted with AES 256-bit encryption.
The device is locked and needs an unlock password to enter and access data. For more information, go to Data Box security features.
The following diagram indicates the flow of data through the Azure Data Box solution from on-premises to Azure and the various security features in place as the data flows through the solution. This flow is for an import order for your Data Box.
The following diagram is for the export order for your Data Box.
When you order an Azure Data Box for data transfer, you will be prompted to create an encryption key that will be used to encrypt the data on the Data Box. This encryption key is not stored on the Data Box itself, but is instead stored securely in Azure Key Vault.
When you receive the Data Box, you will need to unlock it using the encryption key that you created. This will allow you to copy your data to the Data Box and encrypt it using the key.
Once you have copied your data to the Data Box and are ready to return it to Microsoft, you will need to securely erase the encryption key from the Data Box. This can be done using the Data Box erasure tool, which is a command-line tool that securely erases the encryption key from the Data Box.
When Microsoft receives the Data Box, they will use the encryption key that you provided to decrypt the data and transfer it to your Azure storage account. The process of decrypting the data and transferring it to your storage account is automated and does not require any manual intervention.
Additional information: In the Azure portal, go to your Data Box order, and navigate to Device details. Copy the unlock password. Use this password to log into the local web UI on your Data Box. For more information, go to Tutorial: Unpack, cable, connect your Azure Data Box.
I can't access the Data Box unlock password in the Azure portal. Why?
If you aren't able to access the unlock password in the Azure portal, check the permissions on your subscription and storage account. Ensure that you have contributor or owner permission at resource group level. You need to have at least Data Box Operator role permission to see the access credentials.
**
How do I verify the data I copied onto my Data Box?**
After the data copy is complete, when you run Prepare to ship, your data is validated. Data Box generates a list of files and checksums for the data during the validation process. You can download the list of files and verify the list against the files in the source data. For more information, go to Prepare to ship.
What happens to my data after I return the Data Box?
Once the data upload to Azure is complete, the data from the disks on the Data Box is securely erased as per the NIST SP 800-88 Revision 1 guidelines. For more information, go to Erasure of data from Data Box.
I hope this helps to clarify the upload process for Azure Data Box. Let me know if you have any further questions.
Please do not forget to "Accept the answer” and “up-vote” wherever the information provided helps you, this can be beneficial to other community members.