Azure > Recovery Service Vault >

Recovery Services Vault BYOK Encrypted

HIGH

Source

CloudSploit

ID

recovery-services-vault-byok-encrypted

management console

Recovery Services Vault BYOK Encrypted

Ensure that Microsoft Azure Recovery Services Vaults have BYOK encryption enabled.

A customer-managed key gives you the ownership to bring your own key in Azure Key Vault. When you enable a customer-managed key, you can manage its rotations, control the access and permissions to use it, and audit its use.

Recommended Actions

Modify Recovery Service vault and enable BYOK encryption.

Links

https://learn.microsoft.com/en-us/azure/backup/encryption-at-rest-with-cmk

Aqua Container Security

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.

Copyright © 2024 Aqua Security Software Ltd. Privacy Policy | Terms of Use