Data protection

Azure Data Factory is not encrypted with a CMK

Risk Level

Informational (4)

Platform(s)
Compliance Frameworks

Description

Azure Data Factory is Azure's cloud ETL service for scale-out serverless data integration and data transformation.{AzureDataFactory} is not encrypted with customer managed key (CMK). Encrypting the data factory ensures that the entire content is fully unrecoverable without a key and thus protects from unwarranted reads. Encryption with customer managed key (CMK) is superior encryption although requires additional planning. Using customer managed keys may provide an additional level of security or meet an organization's regulatory requirements.

  • Recommended Mitigation

    It is recommended to encrypt the data factory with customer managed keys.

Need help?

Get a free Security Risk Assessment. Start today

See Orca in action See Orca in action-> View a 10 minute recorded demo or sign up for a personalized one-on-one walk-through.