Hi @Andre Bruges ,
Apologies for the delayed response. In general, Azure offers many mechanisms for keeping data private as it moves from one location to another. Azure App Service applications support both non-encrypted HTTP requests, and encrypted HTTPS requests.
Based on this Azure encryption overview documentation :
"Whenever Azure Customer traffic moves between datacenters-- outside physical boundaries not controlled by Microsoft (or on behalf of Microsoft)-- a data-link layer encryption method using the IEEE 802.1AE MAC Security Standards (also known as MACsec) is applied from point-to-point across the underlying network hardware. The packets are encrypted and decrypted on the devices before being sent, preventing physical “man-in-the-middle” or snooping/wiretapping attacks. Because this technology is integrated on the network hardware itself, it provides line rate encryption on the network hardware with no measurable link latency increase. This MACsec encryption is on by default for all Azure traffic traveling within a region or between regions, and no action is required on customers’ part to enable."
To learn more please read these documents:
Azure security baseline for Windows Virtual Desktop
Security best practices
Hope that helps. Please let us know if you have further questions
Thanks,
Grace