Ensure that 'Public Network Access' is 'Disabled' for storage accounts
Why This Matters
Leaving public network access enabled on a storage account increases the risk of unauthorized data exposure. Even though public access to containers is disabled by default, a misconfigured storage account could allow anonymous requests to sensitive data without requiring authentication. Disabling public network access entirely enforces controlled access through shared access signatures or Azure AD RBAC, reducing the attack surface.
What Aether365 Checks
This check verifies that the "Public network access" setting is disabled for each Azure Storage account in your subscription. The result appears in the Aether365 dashboard under the azure-storage-accounts checks category.
How to Fix
Use the Azure portal to disable public network access for each storage account: