Best practice rules for Monitor
Trend Micro Cloud One™ – Conformity monitors Monitor with the following rules:
- Activity Log All Activities
Ensure that Azure Log Profile is configured to export all control & management activities.
- Activity Log All Regions
Ensure that Azure Log Profile is configured to capture activity logs for all regions.
- Activity Log Retention
Ensure that Azure activity log retention period is set for 365 days or greater.
- Azure Activity Log Profile in Use
Ensure that a Log Profile exists for each subscription available in your Azure account.
- Check for Publicly Accessible Activity Log Storage Container
Ensure that the Azure storage container storing the activity logs is not publicly accessible.
- Use BYOK for Activity Log Storage Container Encryption
Use Bring Your Own Key (BYOK) for Azure activity log storage container encryption.