Ensure that disk encryption monitoring is enabled within your Microsoft Azure cloud account so that the Azure Security Center service can detect whether your virtual machines (Windows and Linux) have disk encryption enabled.
This rule resolution is part of the Conformity Security & Compliance tool for Azure.
When working with production data, it is highly recommended to implement encryption in order to protect it from unauthorized access and to fulfill your organization's compliance requirements for data-at-rest encryption. Azure Security Center disk encryption monitoring identifies non-compliant virtual machines (VMs) and recommends enabling disk encryption for these VMs in order to enhance data protection.
Audit
To determine whether the "Monitor Disk Encryption" feature is enabled within Azure Security Center, perform the following actions:
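One way to script this check, as an added example that is not part of the original page or of Conformity: it classifies the JSON of the Security Center default policy assignment. The assignment name `SecurityCenterBuiltIn`, the parameter name `diskEncryptionMonitoringEffect` and the sample documents are assumptions made for this example.

```python
import json

# Assumptions, not from the original page: the parameter name below, and that
# the JSON comes from a command such as
#   az policy assignment show --name SecurityCenterBuiltIn
PARAMETER = "diskEncryptionMonitoringEffect"


def monitoring_state(assignment_json: str) -> str:
    """Classify one policy-assignment document.

    Returns "ENABLED", "DISABLED", "DEFAULT" (parameter not set on the
    assignment, so the initiative's default effect applies) or "ERROR".
    """
    try:
        doc = json.loads(assignment_json)
    except json.JSONDecodeError:
        return "ERROR"
    if not isinstance(doc, dict) or "error" in doc:
        return "ERROR"
    # The REST API nests parameters under "properties"; the CLI flattens them.
    props = doc["properties"] if isinstance(doc.get("properties"), dict) else doc
    params = props.get("parameters") or {}
    if not isinstance(params, dict):
        return "ERROR"
    entry = params.get(PARAMETER)
    if entry is None:
        return "DEFAULT"
    value = entry.get("value") if isinstance(entry, dict) else entry
    if not isinstance(value, str):
        return "ERROR"
    return "DISABLED" if value.strip().lower() == "disabled" else "ENABLED"


# Constructed sample documents (not real subscription output).
SAMPLES = {
    "cli-enabled": '{"name": "SecurityCenterBuiltIn", "parameters": '
                   '{"diskEncryptionMonitoringEffect": {"value": "AuditIfNotExists"}}}',
    "rest-disabled": '{"name": "SecurityCenterBuiltIn", "properties": {"parameters": '
                     '{"diskEncryptionMonitoringEffect": {"value": "Disabled"}}}}',
    "not-overridden": '{"name": "SecurityCenterBuiltIn", "parameters": {}}',
    "api-error": '{"error": {"code": "ExampleError"}}',
}

if __name__ == "__main__":
    for label, body in SAMPLES.items():
        print(f"{label:15} {monitoring_state(body)}")
```

A `DEFAULT` result means the assignment does not override the setting, so the effective value has to be read from the policy initiative's own default.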
Remediation / Resolution
To enable disk encryption monitoring and recommendations for your Microsoft Azure virtual machines (VMs), perform the following actions:
You are auditing:
Enable Disk Encryption Monitoring
Risk level: Medium