Disable public network access for App Configuration so that it isn't accessible over the public internet. This configuration helps protect them against data leakage risks. You can limit exposure of the your resources by creating private endpoints instead. Learn more at: https://aka.ms/appconfig/private-endpoint.
A financial institution must design internal control procedures and implement appropriate technology in all applications and access points to enforce DLP policies and trigger any policy violations. The technology deployed must cover the following:
(a) data in-use - data being processed by IT resources;
(b) data in-motion - data being transmitted on the network; and
(c) data at-rest - data stored in storage mediums such as servers, backup media and databases.