Merge pull request #22738 from lizap/lizadata

new article
ahmadsafirun · Apr 21, 2016 · ad7bfad · ad7bfad
2 parents 665131a + 6ab34b5
commit ad7bfad
Show file tree

Hide file tree

Showing 3 changed files with 48 additions and 3 deletions.
diff --git a/articles/remoteapp/remoteapp-datastorage.md b/articles/remoteapp/remoteapp-datastorage.md
@@ -0,0 +1,45 @@
+
+<properties
+    pageTitle="Never store sensitive data on custom images for Azure RemoteApp | Microsoft Azure"
+    description="Learn about the guidelines for storing data in custom images in Azure RemoteApp"
+    services="remoteapp"
+    documentationCenter=""
+    authors="lizap"
+    manager="mbaldwin" />
+
+<tags
+    ms.service="remoteapp"
+    ms.workload="compute"
+    ms.tgt_pltfrm="na"
+    ms.devlang="na"
+    ms.topic="article"
+    ms.date="04/07/2016"
+    ms.author="elizapo" />
+
+
+# Never store sensitive data on custom images
+
+When you host your own application in Azure RemoteApp, the first step is to create a custom image. We use that custom image to create VM instances that serve your apps to your users. The custom image should contain ONLY applications and never sensitive data that can be lost, such as SQL databases, personnel files, or special data files like QuickBooks company files. All sensitive data should reside external to Azure RemoteApp on a file server, another Azure VM, or in SQL Azure. The image should just host the application that connects to the data source and presents the data. Review [Requirements for Azure RemoteApp images](remoteapp-imagereqs.md) for more information. 
+
+To understand why you should not store sensitive data, you need to understand how Azure RemoteApp works. When a collection is created or updated, behind the scenes multiple clones or copies of the image are created. All these VM instances are exact replicas of the custom image; when users launch applications they are connected to one of these VM instances. But the same instance is not guaranteed and should not matter because they are non-persistent. The VM instances hosting the applications are non-persistent and can be destroyed or deleted based, for example, during collection update. 
+
+Once the collection is provisioned and users start connecting to the VMs, user data is persistent and protected because it is saved on separate storage within a VHD that we call a [user profile disk (UPD)](remoteapp-upd.md), which is the user profile in c:\users\<userprofile>. When an application starts, the UPD is mounted and treated just like a local user profile by the operating system. Read more about how [Azure RemoteApp saves user data and settings](remoteapp-upd.md).
+
+Example data that should not reside in the image:
+
+- Shared data for users to access
+- SQL DB or QuickBooks DB
+- Any data in D:\
+
+Example data that can reside in the default profile to be copied into every users’ UPD:
+
+- Configuration files per user
+- Scripts that users would need preserved in their UPD
+
+Key points:
+
+- Never store sensitive data that can be lost on the image when creating a custom image.
+- Sensitive data should always reside on a separate file server, separate Azure VM, on the cloud, and always external to the VM instances hosting your applications within Azure RemoteApp. 
+- User data is saved and persists in the user profile disk (UPD)
+
+
diff --git a/articles/remoteapp/remoteapp-faq.md b/articles/remoteapp/remoteapp-faq.md
@@ -13,7 +13,7 @@
 	ms.tgt_pltfrm="na" 
 	ms.devlang="na" 
 	ms.topic="get-started-article" 
-	ms.date="02/25/2016" 
+	ms.date="04/08/2016" 
 	ms.author="elizapo"/>
 
 # Azure RemoteApp FAQ
@@ -38,7 +38,7 @@ Yes, it can, depending on your collection requirements. A hybrid collection requ
 
 ## Collections - what's supported, which should you use, and others
 - **Are custom line-of-business (LOB) applications supported?** Yes. To use a custom application in Azure RemoteApp, create a [custom template image](remoteapp-create-custom-image.md), and then upload it to the RemoteApp collection.
-- **Will my custom LOB application work in Azure RemoteApp?** The best way to figure that out is to test it. Review the [application compatibility requirements](http://www.microsoft.com/download/details.aspx?id=18704) and check out the [RD Compatibility Center](http://www.rdcompatibility.com/compatibility/default.aspx).
+- **Will my custom LOB application work in Azure RemoteApp?** The best way to figure that out is to test it. Check out the [RD Compatibility Center](http://www.rdcompatibility.com/compatibility/default.aspx).
 - **Which deployment method (cloud or hybrid) is best for my organization?** Hybrid collections provide the most complete experience if you want full integration with single sign-on (SSO) and secure on-premises network connectivity. Cloud collections provide an agile and easy way to isolate your deployment by using multiple authentication methods. Read more about the [deployment options](remoteapp-whatis.md).
 - **We have SQL or another database either on-premises or in Azure. Which deployment type should we use?** That depends on where your SQL or backend database is. If the database is in a private network, use the hybrid collection. If the database is exposed to the Internet and allows client connections to connect to it, you can use the cloud collection.
 - **What about drive mapping, USB and serial port, clipboard sharing, and printer redirection?** All of those features are supported in Azure RemoteApp. Clipboard sharing and printer redirection is enabled by default. You can learn more about redirection [here](remoteapp-redirection.md). 

diff --git a/articles/remoteapp/remoteapp-whatis.md b/articles/remoteapp/remoteapp-whatis.md
@@ -78,4 +78,4 @@ Go! Try it out! These articles help get you started with Azure RemoteApp:
 
 
 ### Help us help you 
-Did you know that in addition to rating this article and making comments down below, you can make changes to the article itself? Something missing? Something wrong? Did I write something that's just confusing? Scroll up and click **Edit on GitHub** to make changes - those will come to us for review, and then, once we sign off on them, you'll see your changes and improvements right here.
+Did you know that in addition to rating this article and making comments down below, you can make changes to the article itself? Something missing? Something wrong? Did I write something that's just confusing? Scroll up and click **Edit on GitHub** or **Edit** to make changes - those will come to us for review, and then, once we sign off on them, you'll see your changes and improvements right here.
Original file line number	Diff line number	Diff line change
Expand Up		@@ -78,4 +78,4 @@ Go! Try it out! These articles help get you started with Azure RemoteApp:


		### Help us help you
		Did you know that in addition to rating this article and making comments down below, you can make changes to the article itself? Something missing? Something wrong? Did I write something that's just confusing? Scroll up and click Edit on GitHub to make changes - those will come to us for review, and then, once we sign off on them, you'll see your changes and improvements right here.
		Did you know that in addition to rating this article and making comments down below, you can make changes to the article itself? Something missing? Something wrong? Did I write something that's just confusing? Scroll up and click Edit on GitHub or Edit to make changes - those will come to us for review, and then, once we sign off on them, you'll see your changes and improvements right here.