last sync: 2023-Jun-07 17:44:43 UTC

Azure Policy definition

Azure SQL Database should be running TLS version 1.2 or newer

Name Azure SQL Database should be running TLS version 1.2 or newer
Azure Portal
Id 32e6bbec-16b6-44c2-be37-c5b672d103cf
Version 2.0.0
details on versioning
Category SQL
Microsoft docs
Description Setting TLS version to 1.2 or newer improves security by ensuring your Azure SQL Database can only be accessed from clients using TLS 1.2 or newer. Using versions of TLS less than 1.2 is not recommended since they have well documented security vulnerabilities.
Mode Indexed
Type BuiltIn
Preview FALSE
Deprecated FALSE
Effect Default
Audit
Allowed
Audit, Disabled, Deny
RBAC
Role(s)
none
Rule
Aliases
IF (1)
Alias Namespace ResourceType DefaultPath Modifiable
Microsoft.Sql/servers/minimalTlsVersion Microsoft.Sql servers properties.minimalTlsVersion true
Rule
ResourceTypes
IF (1)
Microsoft.Sql/servers
Compliance The following 4 compliance controls are associated with this Policy definition 'Azure SQL Database should be running TLS version 1.2 or newer' (32e6bbec-16b6-44c2-be37-c5b672d103cf)
Control Domain Control Name MetadataId Category Title Owner Requirements Description Info Policy#
ACAT_Security_Policies ACAT_Security_Policies ACAT Security Policies Guidelines for M365 Certification Protecting systems and resources Shared n/a Ensures that apps have strong security and compliance practices in place to protect customer data, security, and privacy. link 24
RMiT_v1.0 Appendix_5.6 RMiT_v1.0_Appendix_5.6 RMiT Appendix 5.6 Control Measures on Cybersecurity Control Measures on Cybersecurity - Appendix 5.6 Customer n/a Ensure security controls for remote access to server include the following: (a) restrict access to only hardened and locked down end-point devices; (b) use secure tunnels such as TLS and VPN IPSec; (c) deploy ‘gateway’ server with adequate perimeter defences and protection such as firewall, IPS and antivirus; and (d) close relevant ports immediately upon expiry of remote access. link 19
SWIFT_CSCF_v2021 2.1 SWIFT_CSCF_v2021_2.1 SWIFT CSCF v2021 2.1 Reduce Attack Surface and Vulnerabilities Internal Data Flow Security n/a Ensure the confidentiality, integrity, and authenticity of application data flows between local SWIFT-related applications. link 14
SWIFT_CSCF_v2021 2.6 SWIFT_CSCF_v2021_2.6 SWIFT CSCF v2021 2.6 Reduce Attack Surface and Vulnerabilities Operator Session Confidentiality and Integrity n/a Protect the confidentiality and integrity of interactive operator sessions connecting to the local or the remote (operated by a service provider) SWIFT-related infrastructure or applications. link 8
History
Date/Time (UTC ymd) (i) Change type Change detail
2022-03-11 18:16:48 change Major (1.0.1 > 2.0.0)
2020-10-27 14:12:45 change Patch (1.0.0 > 1.0.1) *changes on text case sensitivity are not tracked
2020-07-14 15:28:17 add 32e6bbec-16b6-44c2-be37-c5b672d103cf
Initiatives
usage
Initiative DisplayName Initiative Id Initiative Category State Type
[Preview]: SWIFT CSP-CSCF v2021 abf84fac-f817-a70c-14b5-47eec767458a Regulatory Compliance Preview BuiltIn
ACAT for Microsoft 365 Certification 80307b86-ab81-45ab-bf4f-4e0b93cf3dd5 Regulatory Compliance GA BuiltIn
RMIT Malaysia 97a6d4f1-3bed-4cf4-ac5b-0e444c0408d6 Regulatory Compliance GA BuiltIn
JSON