It's recommended to enable all Advanced Threat Protection types on your SQL Managed Instance. Enabling all types protects against SQL injection, database vulnerabilities, and any other anomalous activities.
Unknown, no evidence if Policy definition is/not available in AzureUSGovernment
Assessment(s)
Assessments count: 1 Assessment Id: ebe970fe-9c27-4dd7-a165-1e943d565e10 DisplayName: All advanced threat protection types should be enabled in SQL managed instance advanced data security settings Description: It is recommended to enable all advanced threat protection types on your SQL managed instances. Enabling all types protects against SQL injection, database vulnerabilities, and any other anomalous activities. Remediation description: To set advanced threat protection types to 'All' on a managed instance: 1. Select the SQL server. 2. Make sure that 'Advanced data security' is set to 'On'. 3. Under 'Advanced threat protection types', mark the check box for 'all'. 4. click OK. 5. Select 'Save'. Categories: Data Severity: Medium User impact: High Implementation effort: Low Threats: DataExfiltration, DataSpillage, MaliciousInsider, ThreatResistance
The following 4 compliance controls are associated with this Policy definition '[Deprecated]: Advanced Threat Protection types should be set to 'All' in SQL Managed Instance advanced data security settings' (bda18df3-5e41-4709-add9-2554ce68c966)
Use the filters above each column to filter and limit table data. Advanced searches can be performed by using the following operators: <, <=, >, >=, =, *, !, {, }, ||,&&, [empty], [nonempty], rgx: Learn more
Implement Mechanisms to Detect Anomalous Activities in ICT Systems
Shared
n/a
Establish mechanisms to detect anomalous activities within information and communication technology (ICT) systems, including network performance issues and ICT-related incidents. Additionally, identify potential material single points of failure to enhance overall system resilience and response capabilities.
Establish Multi-Layered Detection Mechanisms for ICT Incidents
Shared
n/a
Implement detection mechanisms that provide multiple layers of control, defining alert thresholds and criteria to trigger information and communication technology (ICT) related incident response processes. This includes automated alert mechanisms to notify resources managing ICT-related incidents.
Establish Procedures for Managing the Security of System Operations
Shared
n/a
Establish and implement operating procedures for managing the security of system operations such as designating system administrators, updating policies, changing rulesets, monitoring events, managing policy implementations or exceptions.
Establish Protective Measures for Administrator Privileges and Security Configurations
Shared
n/a
Establish and implement protective measures with regard to administrator privileges and security configurations to ensure that important information and personal information are not exposed as a result of unauthorized access by service type or misconfigurations.
431
No results
Initiatives usage
Rows: 1-2 / 2
Records:
Use the filters above each column to filter and limit table data. Advanced searches can be performed by using the following operators: <, <=, >, >=, =, *, !, {, }, ||,&&, [empty], [nonempty], rgx: Learn more
displayName: "[Deprecated]: Advanced Threat Protection types should be set to 'All' in SQL Managed Instance advanced data security settings",
policyType: "BuiltIn",
mode: "Indexed",
description: "It's recommended to enable all Advanced Threat Protection types on your SQL Managed Instance. Enabling all types protects against SQL injection, database vulnerabilities, and any other anomalous activities.",