Data protection

Azure Data Factory is not encrypted with a CMK

Risk Level

Informational (4)

Compliance Frameworks


Azure Data Factory is Azure's cloud ETL service for scale-out serverless data integration and data transformation.{AzureDataFactory} is not encrypted with customer managed key (CMK). Encrypting the data factory ensures that the entire content is fully unrecoverable without a key and thus protects from unwarranted reads. Encryption with customer managed key (CMK) is superior encryption although requires additional planning. Using customer managed keys may provide an additional level of security or meet an organization's regulatory requirements.
  • Recommended Mitigation

    It is recommended to encrypt the data factory with customer managed keys.