3. Storage Accounts
Description: The Data in the storage account has various levels of security to protect the data from anonymous access, they are CORS, Management plane &...
Mon, 21 Aug, 2023 at 8:31 AM
Description: Regenerate storage account access keys periodically. Rationale: When a storage account is created, Azure generates two 512-bit storage ac...
Wed, 22 Sep, 2021 at 2:03 AM
Description: The Storage Queue service stores messages that may be read by any client who has access to the storage account. A queue can contain an unlimit...
Thu, 7 Sep, 2023 at 10:44 AM
Description: The SAS token is the query string that includes all of the information required to authenticate the Shared Access Signature, as well as to spe...
Mon, 25 Jul, 2022 at 3:42 AM
Ensure that 'Public access level' is disabled for storage accounts with blob containers (Automated).
Description: Disable anonymous access to blob containers and disallow blob public access on the storage account. Rationale: Anonymous, public read acc...
Thu, 7 Sep, 2023 at 10:46 AM
Description: Restricting default network access helps to provide a new layer of security since storage accounts accept connections from clients on any netw...
Wed, 22 Sep, 2021 at 7:57 AM
Description: Some Microsoft services that interact with storage accounts operate from networks that can't be granted access through network rules. To h...
Thu, 7 Sep, 2023 at 10:47 AM
Description: The Azure Storage blobs contain data like ePHI, Financial, secret or personal. Erroneously modified or deleted accidentally by an application ...
Wed, 22 Sep, 2021 at 9:20 AM
Description: Enable sensitive data encryption at rest using Customer Managed Keys rather than Microsoft Managed keys. Rationale: By default, data in t...
Wed, 22 Sep, 2021 at 9:30 AM