prevasio-sql-server

Region: eastus
Overview
Critical
0
High
1
Medium
3
Low
0
Informational
0
Security issues (4)
Severity Non-Compliance Issue Remediation Read more Action
Medium CIS 4.4.2 PCI DSS (Old Protocols) HIPAA (Encryption) SQL Server has TLS version 1.1, which is lower than the desired TLS version 1.2. To comply with the industry standards, ensure TLS 1.2 or higher is used for all TLS connections to SQL Servers. More info
Medium CIS 4.1.6 PCI DSS 10.2 HIPAA (Audit) SQL Server Auditing retention is 10 days, while the recommended limit is 90 days. To fulfill HIPAA requirements on secure audit record for read/write/delete activities in the system, ensure that SQL Servers have a sufficient log data retention period, i.e. 90 days or more. More info
Medium SQL Server has no automatic tuning configured for indexes createIndex, dropIndex, forceLastGoodPlan. To monitor database queries and improve database workload performance, ensure that SQL Servers have automatic tuning enabled. More info
High CIS 4.1.2 SQL Server is open to outside traffic. In order to eliminate the exposure from the public Internet, ensure that your SQL Database Servers are accessible through private endpoints instead of public IP addresses or service endpoints. More info