ASSOCIATED DRATA CONTROL
This test is part of the Encryption at Rest control (DCF-54) that ensures data at rest is encrypted using strong cryptographic algorithms.
WHAT TO DO IF A TEST FAILS
If Drata finds that one or more Azure SQL Server databases does not have encryption enabled in Azure, the test will fail.
STEPS TO REMEDIATE
Navigate to the 'SQL Databases’.
For each failing DB instance, click on ‘Transparent data encryption’
For each failing DB instance, set ‘Data encryption’, to ‘On’.
Center for Internet Security (CIS)
This is a test that aligns with the Center for Internet Security’s (CIS) benchmarks for Microsoft Azure, providing prescriptive guidance to establish a secure baseline configuration for Azure environments. These benchmarks are developed through a global, consensus-driven process involving cybersecurity experts to help organizations strengthen their defenses against potential threats in the cloud.