Managed disks both attached / unattached may contain sensitive information, and companies must use customer-managed keys to ensure proper key management. For example, key rotation, key vault monitoring, etc.
On Azure Portal
- Go to Disks under resources.
- Select the disk you want to remediate
- Select Encryption under Settings.
- Under Encryption type, select Encryption at-rest with a customer-managed key.
- From the Disk encryption set drop-down, select an existing disk encryption set.
- Hit Save to save settings before exit