Minimum TLS version for storage accounts should be set to Version 1.2

Description

By default, Azure Storage sets the minimum TLS version to TLS 1.0, which is a legacy version with known vulnerabilities. However, it is possible to configure the minimum TLS version to a later protocol, such as TLS 1.2. When a storage account is created through the Azure portal, the MinimumTlsVersion property is automatically set to TLS 1.2. However, if the storage account is created using PowerShell or the CLI, the property is not set and defaults to TLS 1.0.

Remediation

From Azure Console

  1. Log in to the Azure Portal at https://portal.azure.com
  2. Go to Storage Accounts
  3. Click on each Storage Account
  4. Under the Setting section, Click Configuration
  5. Set the “minimum TLS version” to be version 1.2