Azure Storage Account without private endpoint, subnet, or firewall configured

Data at risk

Azure Storage Account without private endpoint, subnet, or firewall configured

Platform(s)

Compliance Frameworks

CCPA
cis_8
CPRA
Data Security Posture Management (DSPM) Best Practices
HITRUST
iso_27001_2022
iso_27002_2022
Microsoft Cloud Security Benchmark
Mitre ATT&CK
mpa
New Zealand Information Security Manual
NIST 800-171
NIST 800-53
PDPA
UK Cyber Essentials

Description

In the storage account creation process, there are three connectivity methods: Public for all networks, Public for specified networks or Private endpoint. Storage account should be configured as Public for all networks only if necessary. If possible, it's recommended to limit access to the storage account by adjusting firewall rules and creating private endpoint to connect the storage account using private link. It was found that {AzureStorageAccount} storage account doesn't use private endpoint and firewall rules.

Azure Storage Account without private endpoint, subnet, or firewall configured

Description

Need help?

CLOUD SECURITY PLATFORM

TECHNOLOGY ECOSYSTEM

By Solution

By Industry

COMPARISONS