Skip to main content

Azure Virtual Machines - Encryption Enabled but Still Showing as Non-Compliant

This guide explains why your Azure Virtual Machine monitor might flag encryption as incomplete

Updated over 7 months ago

Why This Happens

The monitor Azure Virtual Machines | Encryption at host is enabled checks specifically for “Encryption at host”.

Even if other forms of encryption are enabled, the monitor will show as non-compliant if Encryption at host is not turned on.

This setting ensures data is encrypted in transit between the host and storage.

What You Need to Do

Step 1: Enable Encryption at Host

1. Log in to your Azure Virtual Machine Portal

2. Navigate to Virtual Machines

3. Select your VM, then go to the Disks section

4. Enable Encryption at host

Tip: If enabling Encryption at host results in an error like the one shown below, follow this Microsoft guide for step-by-step instructions to resolve it.

Related Articles
AWS Cloudtrail - Storage Audit Logs Showing as Non-Compliant
Microsoft EntraID - MFA Appears as Not Enforced in Azure AD
Microsoft EntraID - MFA Enabled but Still Showing as Non-Compliant
Did this answer your question?