💼 8.4 Ensure the key vault is recoverable

Contextual name: 💼 8.4 Ensure the key vault is recoverable
ID: /frameworks/cis-azure-v1.1.0/08/04
Located in: 💼 8 Other Security Considerations

Description

The key vault contains object keys, secrets and certificates. Accidental unavailability of a key vault can cause immediate data loss or loss of security functions (authentication, validation, verification, non-repudiation, etc.) supported by the key vault objects.

It is recommended the key vault be made recoverable by enabling the "Do Not Purge" and "Soft Delete" functions. This is in order to prevent loss of encrypted data including storage accounts, SQL databases, and/or dependent services provided by key vault objects (Keys, Secrets, Certificates) etc., as may happen in the case of accidental deletion by a user or from disruptive activity by a malicious user.

Similar

Internal
- ID: dec-c-97342046

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags

Policies (1)

Policy	Logic Count	Flags
📝 Azure Key Vault Soft Delete and Purge Protection functions are not enabled 🟢	1	🟢 x6

Internal Rules

Rule	Policies	Flags
✉️ dec-x-0be4dfe5	1

Description​

Similar​

Sub Sections​

Policies (1)​

Internal Rules​

Description

Similar

Sub Sections

Policies (1)

Internal Rules