| Source | Azure Portal | ||||||||||||||||||||||
| Display name | Microsoft Managed Control 1664 - Protection Of Information At Rest | Cryptographic Protection | ||||||||||||||||||||||
| Id | a2cdf6b8-9505-4619-b579-309ba72037ac | ||||||||||||||||||||||
| Version | 1.0.0 Details on versioning |
||||||||||||||||||||||
| Versioning |
Versions supported for Versioning: 0 Built-in Versioning [Preview] |
||||||||||||||||||||||
| Category | Regulatory Compliance Microsoft Learn |
||||||||||||||||||||||
| Description | Microsoft implements this System and Communications Protection control | ||||||||||||||||||||||
| Additional metadata |
Name/Id: ACF1664 / Microsoft Managed Control 1664 Category: System and Communications Protection Title: Protection Of Information At Rest | Cryptographic Protection Ownership: Customer, Microsoft Description: The information system implements cryptographic mechanisms to prevent unauthorized disclosure and modification of Customer data on Microsoft Azure servers. Requirements: Azure Storage automatically encrypts data when persisting it to the cloud. Data in Azure Storage is encrypted and decrypted transparently using 256-bit AES encryption, one of the strongest block ciphers available, and is FIPS 140-2 compliant. Azure Storage encryption is enabled for all new and existing storage accounts and cannot be disabled. Storage accounts are encrypted regardless of their performance tier (standard or premium) or deployment model (Azure Resource Manager or classic). All Azure Storage redundancy options support encryption, and all copies of a storage account are encrypted. All Azure Storage resources are encrypted, including blobs, disks, files, queues, and tables. All object metadata is also encrypted. |
||||||||||||||||||||||
| Mode | Indexed | ||||||||||||||||||||||
| Type | Static | ||||||||||||||||||||||
| Preview | False | ||||||||||||||||||||||
| Deprecated | False | ||||||||||||||||||||||
| Effect | Fixed audit |
||||||||||||||||||||||
| RBAC role(s) | none | ||||||||||||||||||||||
| Rule aliases | none | ||||||||||||||||||||||
| Rule resource types | IF (2) Microsoft.Resources/subscriptions Microsoft.Resources/subscriptions/resourceGroups |
||||||||||||||||||||||
| Compliance |
The following 1 compliance controls are associated with this Policy definition 'Microsoft Managed Control 1664 - Protection Of Information At Rest | Cryptographic Protection' (a2cdf6b8-9505-4619-b579-309ba72037ac)
| ||||||||||||||||||||||
| Initiatives usage |
|
||||||||||||||||||||||
| History | none | ||||||||||||||||||||||
| JSON compare | n/a | ||||||||||||||||||||||
| JSON |
|