Earlier this year, Microsoft released watermarking support in public preview for Azure Virtual Desktop (AVD). The company detailed in a blog post yesterday that the security feature is now generally available for all commercial customers.
Azure Virtual Desktop (AVD) is a cloud-based virtual desktop and application virtualization solution that runs in Microsoft Azure. The managed service comes with several built-in various security capabilities (like Reverse Connect) to protect data in enterprise environments.
Microsoft explained that watermarking is an optional security feature that’s designed to protect sensitive data from being captured and shared on client devices. Once enabled, users will see QR codes with the embedded user’s session Activity ID on their screens.
The watermarking feature allows IT admins to trace a data leak back to its original source before it can expose more information. They can either query Azure Monitor Log Analytics or use Azure Virtual Desktop Insights to find session information from the QR code.
“When you enable watermarking, QR code watermarks appear as part of remote desktops. The QR code contains the connection ID of a remote session that admins can use to trace the session. Watermarking is configured on session hosts and enforced by the Remote Desktop client,” Microsoft explained.
Previously, the watermarking feature was exclusively accessible on the Windows desktop app. Now, Microsoft has expanded its availability to cover the Azure Virtual Desktop web client as well. The company has also provided a couple of administrative templates to help administrators get started with watermarking in Azure Virtual Desktop.
Overall, watermarks are a useful tool to remind employees that the content they are viewing is sensitive and should not be shared or copied without authorization. Organizations can combine watermarking with other security measures to create robust protections against unauthorized access and security breaches.