Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Severity : High

Description: Enabling This control ensures that Advanced Data Security on all SQL Servers ensures that SQL server data is encrypted and monitored for unusual activity, vulnerabilities, and threats. Remediation Steps : Ensure that Advanced Data Security is enabled for all SQL Servers.feature is enabled within Azure SQL server configuration to provide advanced SQL security capabilities useful for discovering and classifying sensitive data, Vulnerability Assessment services used for detecting abnormal activities that could indicate a threat to SQL databases. The Advanced Data Security enables to receive notification alert to detect suspicious database activity, potential vulnerabilities, SQL injection attacks, and anomalous database access.

Remediation Steps:

Perform following to configure Advance data security :

  1. Login to Azure Portal usingĀ https://portal.azure.com.

  2. Navigate to Azure SQL database.

  3. Select the server from the list and open the configuration page for the server.

  4. In Security settings, Select Microsoft Defender for Cloud.

  5. On Microsoft Defender for Cloud page , select Enable Microsoft Defender for SQL.

  6. Select Configure.

  7. Under ADVANCED THREAT PROTECTION SETTINGS, select Add your contact details to the subscription's email settings in Defender for Cloud and add the contact emails to receive notifications.

  8. Customize the severity of alerts that will trigger notifications to be sent under Notification types.

  9. Select Save.

Important:

Reference: