How to resolve Sprinto check for configuring default network access rule to deny on the Azure storage accounts

About

Sprinto check: Ensure Default Network Access Rule for Storage Accounts is Set to Deny

The above-mentioned Sprinto check verifies that the default network access rule for your Azure storage accounts is set to "Deny." This setting controls the default behavior for network access to the storage account.

Purpose

The purpose of this check is to enforce a secure configuration for your Azure storage accounts by denying network access by default. Setting the default network access rule to "Deny" helps prevent unauthorized access to your storage accounts, reducing the risk of data breaches and unauthorized access to sensitive data. Only explicitly allowed network rules will be able to access the storage account.

How to fix this check

Follow the below steps to fix the Sprinto check:

Before you begin

• Ensure you have the administrator privileges to manage Azure storage account configuration.

Updating Storage Account Network Rules

1. Log in to the Azure Portal using your credentials.

2. Navigate to the Storage Accounts service.

3. Select your desired storage account.

4. Click Networking under the Security + Networking section.

5. Select the Firewall and virtual networks tab, then select the Enabled from selected virtual networks and IP addresses option, and define the IP address range for access to the cloud storage.

6. Click Save to apply the changes.

Sprinto will detect the configuration change and set the check status to "Passing."

Contact Sprinto support if you have any queries related to the check or need assistance.