Ensure that 'Enable Infrastructure Encryption' for Each Storage Account in Azure Storage is Set to 'enabled'
Why This Matters
Azure Storage already encrypts data at the network level with 256-bit AES encryption, but enabling infrastructure encryption adds a second, hardware-level encryption layer. This protects your data even if one encryption algorithm or key is compromised, and it keeps data encrypted before network transmission and in backups. Without this setting, your storage accounts lack the highest assurance against key compromise scenarios.
What Aether365 Checks
This check verifies that Infrastructure Encryption is enabled for each Azure Storage account. It appears in the Aether365 dashboard under the azure-storage-accounts security checks group.