Azure Storage account's Customer-Managed Keys encryption is disabled

Data protection

Azure Storage account’s Customer-Managed Keys encryption is disabled

Risk Level

Informational (4)

Platform(s)

Compliance Frameworks

Brazilian General Data Protection (LGPD)
ISO/IEC 27001
Microsoft Cloud Security Benchmark
Mitre ATT&CK v12
New Zealand Information Security Manual
NIST 800-53

Description

Configuring the storage account to use BYOK (Use Your Own Key) provides additional confidentiality controls on data as a given user must have read permission on the corresponding storage account and must be granted decrypt permission by the CMK.

Recommended Mitigation

Configure Customer-Managed Keys encryption for your storage account - {AzureStorageAccount}.

Azure Storage account’s Customer-Managed Keys encryption is disabled

Description

Need help?

CLOUD SECURITY PLATFORM

TECHNOLOGY ECOSYSTEM

By Solution

By Industry

COMPARISONS