Ensure 'Cross Tenant Replication' is not enabled
Why This Matters
Cross tenant replication in Azure Storage allows data to be copied across different Azure Active Directory tenants. If left enabled, this feature can lead to unintentional data exposure, data leakage, or compliance violations when a storage account owner in another tenant initiates replication without your explicit authorization. Disabling this setting is essential for maintaining strict data governance and preventing unauthorized access to sensitive data.
What Aether365 Checks
This check verifies that cross tenant replication is disabled on each Azure Storage account. It appears in the Aether365 dashboard under the azure-storage-accounts checks and flags any account where the Allow cross-tenant replication setting is enabled.