Azure-VirtualMachines-VM-Backups-Enabled

Severity : Medium

Description: This control ensures that Azure virtual machines are configured with backup policy. Azure Backup provides independent and isolated backups to guard against unintended destruction of the data on your VMs. Azure Backup creates recovery points that can be stored in geo-redundant recovery vaults and protect data by taking backups at regular intervals. When a VM restore from a recovery point, it can restore entire VM or specific files.

Remediation Steps:

Perform following to use SSH key pair for Virtual machine authentication :

1. Login to Azure Portal using https://portal.azure.com.

2. Navigate to Virtual machines.

3. From the list of VMs, select the VM to back up.

4. On the VM menu, select Backup.

5. In Recovery Services vault,

   1. select Select existing and vault name from drop list, if vault exist.

   2. If vault doesn’t exist, Select Create new. Specify a name for vault.

6. Under Choose backup policy

   1. Select DefaultPolicy, to back up once a day at specified time and retain for 30 days.

   2. If a policy exist, select the policy

   3. otherwise, select Create new policy and define the policy configuration.

7. Select Enable Backup.

Important:

Reference:

• https://docs.microsoft.com/en-us/azure/backup/backup-azure-vms-first-look-arm