Azure-StorageAccounts-Blobs-Soft-Deletion-Enabled

Severity : Medium

Description : When soft delete for blobs is enabled for a storage account, blobs, blob versions, and snapshots in that storage account may be recovered after they are deleted, within a retention period that you specify.

Remediation Steps : Enable soft delete for blobs and set the deletion retention policy to keep blobs for more than the desired number of days.

Description: This control ensures that soft delete is enabled for all storage accounts. Enabling this configuration for Azure Storage ensures that even if blobs/data are deleted from the storage account, the blobs/data objects remain recoverable for the period set in the retention policy. This also helps prevent data loss from accidental deletion of a blob or blob snapshot, because these blobs remain recoverable. Retention policies for soft deletion can be 7 days to 365 days.

Remediation Steps:

Perform the following to update the parameters:

  1. Log in to the Azure Portal using https://portal.azure.com.

  2. Go to Storage Accounts.

  3. For each storage account, click Data protection under Blob Service.

  4. Ensure that Turn on soft delete for blobs is checked.
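
The same check can be run across every storage account with the Azure CLI instead of opening each one in the portal. The script below is an added example, not part of the original control text; it assumes a logged-in `az` session, and `MIN_DAYS` and the function names are illustrative.

```shell
#!/bin/sh
# Added example: audit blob soft delete across the current subscription.
# MIN_DAYS is an assumed local policy value, not something the control defines.
MIN_DAYS="${MIN_DAYS:-7}"

# Print the enabled flag and retention days for one account's blob service.
soft_delete_state() {  # $1 = account name, $2 = resource group
    az storage account blob-service-properties show \
        --account-name "$1" --resource-group "$2" \
        --query "[deleteRetentionPolicy.enabled, deleteRetentionPolicy.days]" \
        --output tsv
}

# Classify one policy; returns non-zero on FAIL.
classify() {  # $1 = enabled flag, $2 = retention days (may be missing)
    case "$1" in
        true|True) ;;
        *) echo "FAIL soft delete not enabled"; return 1 ;;
    esac
    case "$2" in
        ''|*[!0-9]*) echo "FAIL retention days not set"; return 1 ;;
    esac
    if [ "$2" -lt "$MIN_DAYS" ]; then
        echo "FAIL retention ${2}d below ${MIN_DAYS}d"; return 1
    fi
    echo "PASS retention ${2}d"
}

# One line per account: resource group, account, verdict. Non-zero if any FAIL.
audit_all() {
    az storage account list --query "[].[name, resourceGroup]" --output tsv | {
        rc=0
        while read -r name rg; do
            state=$(soft_delete_state "$name" "$rg" </dev/null)
            # Unquoted on purpose: split the state into flag and days.
            verdict=$(classify $state) || rc=1
            printf '%s\t%s\t%s\n' "$rg" "$name" "$verdict"
        done
        [ "$rc" -eq 0 ]
    }
}

# Remediation for one failing account (same setting as the portal checkbox).
enable_soft_delete() {  # $1 = account name, $2 = resource group
    az storage account blob-service-properties update \
        --account-name "$1" --resource-group "$2" \
        --enable-delete-retention true --delete-retention-days "$MIN_DAYS"
}

if [ "${1:-}" = "audit" ]; then audit_all; fi
```

Run it with the `audit` argument to list every account; a non-zero exit status means at least one account failed the check.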


Blue Hexagon Proprietary