my-sql-instance4

Overview
Critical: 1
High: 1
Medium: 8
Low: 1
Informational: 0

Security issues (11)
| Severity | Non-Compliance | Issue | Remediation |
|---|---|---|---|
| Medium | | SQL database instance is publicly accessible from all IP addresses. | To fulfill HIPAA and PCI DSS requirements on strict access and integrity controls, ensure that all SQL instances are configured to accept connections from trusted networks and IP addresses only. |
| Medium | HIPAA (Backup) | SQL database instance has no backup run, so it cannot be restored to a recent point. | To fulfill HIPAA requirements on restoring compromised services, ensure that all SQL instances are configured to have automated (scheduled) backups and can be restored to a recent point. |
| Medium | CIS 6.7 | SQL database instance does not have an automated backup enabled. | Ensure that automated backups are enabled for all SQL database instances. |
| Medium | | SQL database instance does not have multi-AZ enabled. | Ensure that all SQL instances are created with a secondary AZ to ensure proper failover. |
| Medium | CIS 6.4, PCI DSS 4.2, HIPAA (Encryption) | SQL database instance has SSL/TLS disabled. | To fulfill HIPAA and PCI DSS requirements on strong cryptographic and security protocols for transmitting user data, enforce SSL/TLS on all incoming connections to your SQL database instances. |
| Medium | CIS 6.3.7 | SQL Server database instance has the "contained database authentication" flag enabled. | To prevent any databases on the server from being contained, ensure the "contained database authentication" SQL Server engine flag is set to Off. |
| Medium | CIS 6.3.2 | SQL Server database instance has the "cross db ownership chaining" flag enabled. | Unless all of the databases hosted by the SQL Server need to participate in cross-database ownership chaining, ensure the "cross db ownership chaining" SQL Server engine flag is disabled. |
| Critical | | SQL database instance SSL certificate expired 34 days ago. | Ensure that all incoming connections to your SQL database instances remain secure by rotating all the server certificates before they expire. |
| Medium | CIS 6.6 | SQL database instance has public IPs. | To reduce the application's attack surface, ensure your SQL database instances are configured to use private IP addresses instead of public IPs. |
| Low | | SQL database instance has its automatic storage increase limit set to zero (no limit on storage growth). | To prevent your SQL instance disk size from growing too large and increasing service costs, ensure your SQL database instances are configured with an optimal automatic storage increase limit. |
| High | PCI DSS 3.5, HIPAA (Encryption) | SQL database instance is not encrypted using Customer-Managed Keys (CMK). | To fulfill HIPAA and PCI DSS compliance requirements for encryption of data at rest, make sure your SQL database instances are encrypted using CMK. |