Determine Storage Security Posture Goals
Implementation Effort: Medium — Requires collaboration between security, compliance, and IT teams to define goals, enable posture management features, and monitor progress.
User Impact: Low — Posture goals are defined and managed by administrators; no direct user interaction is required.
Overview
Determining storage security posture goals in Microsoft Defender for Storage involves setting clear objectives for protecting data stored in Azure Blob Storage and Data Lake Storage. These goals are part of a broader Data Security Posture Management (DSPM) strategy, which is included in the Defender for Storage and Defender CSPM plans.
Key posture goals include:
- Visibility: Automatically discover all storage accounts, including shadow and unmanaged resources, across Azure and multicloud environments.
- Sensitivity Awareness: Identify and classify sensitive data using Microsoft Purview’s built-in sensitive information types (SITs).
- Exposure Assessment: Evaluate how data is exposed (e.g., public access, shared links, misconfigured permissions).
- Threat Detection: Detect suspicious activities such as unusual access patterns, malware uploads, or configuration changes.
- Risk Prioritization: Use attack path analysis and contextual insights to focus on the most critical risks, such as internet-exposed VMs with access to sensitive data stores.
- Compliance Alignment: Map posture goals to regulatory requirements and internal policies to ensure continuous compliance.
These goals help organizations proactively reduce the risk of data breaches and ensure that storage accounts are continuously monitored and protected.
This activity supports the Zero Trust principle of "Verify Explicitly" by continuously evaluating data sensitivity, access patterns, and configuration risks to maintain a strong security posture.