default network access rule for Storage Accounts is not set to deny

Network misconfigurations

default network access rule for Storage Accounts is not set to deny

Platform(s)

Compliance Frameworks

Azure CIS
Brazilian General Data Protection (LGPD)
CCPA
cis_8
CPRA
Data Security Posture Management (DSPM) Best Practices
GDPR
HITRUST
ISO 27701
iso_27001_2022
iso_27002_2022
Microsoft Cloud Security Benchmark
Mitre ATT&CK
mpa
New Zealand Information Security Manual
NIST 800-171
NIST 800-53
PDPA
UK Cyber Essentials

Description

Access to Storage Account can be granted to traffic from specific Azure Virtual networks, allowing a secure network boundary for specific applications to be built. Access can also be granted to public internet IP address ranges, to enable connections from specific internet or on-premises clients. When network rules are configured, only applications from allowed networks can access a storage account. When calling from an allowed network, applications continue to require proper authorization (a valid access key or SAS token) to access the storage account.

default network access rule for Storage Accounts is not set to deny

Description

Need help?

CLOUD SECURITY PLATFORM

TECHNOLOGY ECOSYSTEM

By Solution

By Industry

COMPARISONS