Azure_SecurityCenter_6

Ensure ASC Default policy setting Monitor Disk Encryption is not Disabled

Description

Enable Disk encryption recommendations for virtual machines.

Remediation

Perform the following in the Azure Console:

  1. Navigate to Azure Policy
  2. On Policy Overview blade, Click on Policy ASC Default (Subscription:Subscription_ID)
  3. On ASC Default blade, Click on Edit Assignments
  4. In section PARAMETERS , Set Monitor Disk Encryption to AuditIfNotExists or anyother available value than Disabled
  5. Click Save

References:

  1. https://docs.microsoft.com/en-us/azure/security-center/security-center-policies 
  2. https://msdn.microsoft.com/en-us/library/mt704062.aspx
  3. https://msdn.microsoft.com/en-us/library/mt704063.aspx
  4. https://docs.microsoft.com/en-us/rest/api/resources/policyassignments/get
  5. https://docs.microsoft.com/en-us/rest/api/resources/policyassignments/create
  6. https://docs.microsoft.com/en-us/azure/security-center/security-center-apply-disk-encryption
     


Service

Security Center

Severity

Medium

Compliance

Mapping

We are now live on AWS Marketplace.
The integrated view of your cloud infrastructure is now easier than ever!