Ensure that Azure Data Explorer uses double encryption in Azure Kusto Cluster

MEDIUM

Description

Azure Data Explorer in Kusto Cluster does not have double encryption enabled, this may compromise sensitive data.

Remediation

In Azure Console -

Open the Azure Portal and go to Data Explorer Clusters.
Choose the cluster you wish to edit.
Under Security + Networking, select Security.
Set Double Encryption to On.
Select Save.

In Terraform -

In the azurerm_kusto_cluster resource, set double_encryption_enabled to true.

References:
https://learn.microsoft.com/en-us/azure/data-explorer/cluster-encryption-double?WT.mc_id=Portal-Microsoft_Azure_Kusto&tabs=portal
https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/kusto_cluster#double_encryption_enabled

Policy Details

Rule Reference ID: AC_AZURE_0298

CSP: Azure

Remediation Available: Yes

Domain: Data Protection

Resource: azurerm_kusto_cluster

Resource Category: Analytics

Resource Type: Kusto Cluster

Frameworks

GDPR
HIPAA
NIST-800-171
NIST-800-53
NIST-CSF
PCI-DSSv3.2.1
PCI-DSSv4.0