HIGH
Source
CloudSploit
ID
vm-encryption-at-host

VM Encryption At Host

Ensures that encryption at host is enabled for Azure Virtual Machine disks.

The data for temporary disk and OS/data disk caches is stored on the VM host. Enabling encryption at host for Azure Virtual Machine disks allows the data to be end-to-end encrypted, ensuring compliance and bolstering overall security with Azure Disk Encryption.

Ensure that all Azure Virtual Machines have encryption at host enabled for disks.