Disabling public network access improves security by ensuring that a managed disk isn't exposed on the public internet. Creating private endpoints can limit exposure of managed disks. Learn more at: https://aka.ms/disksprivatelinksdoc.
A financial institution must design internal control procedures and implement appropriate technology in all applications and access points to enforce DLP policies and trigger any policy violations. The technology deployed must cover the following:
(a) data in-use - data being processed by IT resources;
(b) data in-motion - data being transmitted on the network; and
(c) data at-rest - data stored in storage mediums such as servers, backup media and databases.