sqlvan5orkhoarubfu
Region: eastus
Overview
Critical
0High
0Medium
3Low
0Informational
0Security issues (3)
Severity | Non-Compliance | Issue | Remediation | Read more | Action |
---|---|---|---|---|---|
Medium | CIS 3.12 | Storage Account uses Microsoft managed key instead of BYOK (Bring Your Own Key). | For greater control, transparency and increasing security by having full control of the encryption keys, ensure your Storage Account data at rest is protected with a key from your own Azure Key Vault. | More info | |
Medium | CIS 3.8 PCI DSS (Networking) HIPAA (Networking) | Storage Account is configured to allow access to traffic from all networks (including Internet traffic). | To fulfill PCI requirements on segmenting networks using firewalls and HIPAA access controls that require data access to be restricted to known sources, configure your Storage Account to deny access to traffic from all networks by default. | More info | |
Medium | CIS 3.11 | Storage Account Blob has no Soft Delete data retention period configured. | To handle your data restoration process in the event of a failure more efficiently, ensure that your Storage Blob objects have a sufficient Soft Delete data retention period, i.e. greater than 30 days. | More info |