Severity : High
Description : Storage accounts can be configured to encrypt data-at-rest. By default Azure will create a set of keys to encrypt the storage account, but the recommended approach is to create your own keys using Azure Key Vault.
Remediation Steps : Ensure all Storage Accounts are configured with a BYOK key.