Ensure default network access rule for Storage Accounts is set to deny

Dome9 rules are powered by the Governance Specification Language (GSL). GSL allows our customers to write and run custom security and compliance checks that can be easily read
Learn more:
Compliance Engine
GSL Language
Remediation
1. Go to Storage Accounts
2. For each storage account, Click on the settings menu called Firewalls and virtual networks.
3. Ensure that you have elected to allow access from Selected networks.
4. Add rules to allow traffic from specific network.
5. Click Save to apply your changes.
Azure Command Line Interface 2.0 Use the below command to update default-action to Deny.
References
https://docs.microsoft.com/en-us/azure/storage/common/storage-network-security
Related Links:
About Azure storage accounts
Azure Storage Account
An Azure storage account provides a unique namespace to store and access your Azure Storage data objects. All objects in a storage account are billed together as a group. By default, the data in your account is available only to you, the account owner.
Compliance Frameworks

