Data protection

Azure storage account is not using TLS 1.2 version

Platform(s)
Compliance Frameworks

Azure CIS, Brazilian General Data Protection (LGPD), CCPA, coppa, CPRA, Data Security Posture Management (DSPM) Best Practices, hdh, iso_27001_2022, iso_27002_2022, Microsoft Cloud Security Benchmark, Mitre ATT&CK, New Zealand Information Security Manual, NIST 800-171, NIST 800-53, PDPA, pipeda, UK Cyber Essentials

Description

Azure Storage sets the minimum TLS version to be version 1.0 by default. TLS 1.0 is a legacy version and has known vulnerabilities. This minimum TLS version can be configured to be later protocols such as TLS 1.2.