prevasio-postgresql-server
Region: eastus2
Overview
Critical
0High
4Medium
6Low
0Informational
0Security issues (10)
| Severity | Non-Compliance | Issue | Remediation | Read more | Action |
|---|---|---|---|---|---|
| High | — | PostgreSQL Server has no geo-redundant backup storage enabled. | To allow you to restore your PostgreSQL Servers to a different Azure region in the event of a regional outage or a disaster, ensure the geo-redundant backups are enabled for all PostgreSQL Database Servers. | More info | |
| High | CIS 4.3.1 PCI DSS 4.2 HIPAA (Encryption) | PostgreSQL Server is not configured to have its data in-transit encrypted. | To fulfill HIPAA requirements for all data to be transmitted over secure channels, ensure that PostgreSQL Server is set to use SSL for data transmission. | More info | |
| Medium | — | PostgreSQL Server uses no Active Directory administrator. | To centrally manage identity and access to your PostgreSQL database servers, ensure that PostgreSQL Servers use an Active Directory administrator. | More info | |
| Medium | — | PostgreSQL Server has no "connection_throttling" server parameter specified. | To enable temporary connection throttling per IP address for too many invalid login failures, ensure "connection_throttling" parameter is enabled for all PostgreSQL Database Servers. | More info | |
| Medium | — | PostgreSQL Server has no "log_checkpoints" server parameter specified. | To allow checkpoints and restart points to be logged in the PostgreSQL server log, ensure "log_checkpoints" parameter is enabled for all PostgreSQL Database Servers. | More info | |
| Medium | — | PostgreSQL Server has no "log_connections" server parameter specified. | To allow each attempted connection to the database server to be logged, ensure "log_connections" parameter is enabled for all PostgreSQL Database Servers. | More info | |
| Medium | — | PostgreSQL Server has no "log_disconnections" server parameter specified. | To allow the logging of session termination, ensure "log_disconnections" parameter is enabled for all PostgreSQL Database Servers. | More info | |
| Medium | — | PostgreSQL Server has no "log_duration" server parameter specified. | To allow recording the duration of each completed PostgreSQL statement, ensure "log_duration" parameter is enabled for all PostgreSQL Database Servers. | More info | |
| High | — | PostgreSQL Server does not have a sufficient log retention period: 1 day, while the recommended minimum is 4 days or more. | For reliability and compliance purposes, ensure that all your PostgreSQL Servers have a sufficient log retention period, i.e. greater than 3 days. | More info | |
| High | — | PostgreSQL Server has Storage Auto-Growth feature disabled. | To prevent your PostgreSQL Servers from running out of storage and becoming read-only, ensure that all your PostgreSQL Servers have Storage Auto-Growth feature enabled. | More info |