Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Severity : High

Description : Storage accounts can be configured to encrypt data-at-rest. By default Azure will create a set of keys to encrypt the storage account, but the recommended approach is to create your own keys using Azure Key Vault.

Remediation Steps : Ensure all Storage Accounts are configured with a BYOK key.