Plugin Title Log Storage Encryption
Cloud AZURE
Category Storage Accounts
Description Ensures BYOK encryption is properly configured in the Activity Log Storage Account
More Info Storage accounts can be configured to encrypt data-at-rest. By default Azure will create a set of keys to encrypt the storage account, but the recommended approach is to create your own keys using Azure Key Vault.
AWS Link https://docs.microsoft.com/en-us/azure/storage/common/storage-service-encryption-customer-managed-keys
Recommended Action Ensure the Storage Account used by Activity Logs is configured with a BYOK key.


Detailed Remediation Steps

Want to scan for this risk automatically?

Get Started Now