{"id":"azure-access-and-data-orthogonal-protection-planes","text":"Azure enforces protection through two orthogonal planes that must be independently configured: the access plane (identity-rooted default-deny across network and governance layers) prevents unauthorized data access, while the data plane (dual-layer FIPS-tiered encryption at rest plus universal TLS 1.2 in transit) ensures data remains protected even if access controls are compromised — neither plane compensates for gaps in the other.","truth_value":"IN","source":"","source_url":"","source_hash":"","justifications":[],"dependents":[],"metadata":{},"explanation":{"steps":[{"node":"azure-access-and-data-orthogonal-protection-planes","truth_value":"IN","reason":"premise"}]}}