Policy drift occurs when a resource's state changes from compliant to non-compliant after deployment. This is often caused by manual overrides in the portal.
Automatic Remediation
Resources found in critical drift (e.g., PHI data on a public endpoint) will be automatically isolated into a Restricted Security Group.