Data protection

MySQL flexible server TLS version is not set to the default – v1.2

Platform(s)
Compliance Frameworks
  • Azure CIS
  • ,
  • Brazilian General Data Protection (LGPD)
  • ,
  • CCPA
  • ,
  • cis_8
  • ,
  • coppa
  • ,
  • CPRA
  • ,
  • Data Security Posture Management (DSPM) Best Practices
  • ,
  • hdh
  • ,
  • iso_27001_2022
  • ,
  • iso_27002_2022
  • ,
  • Microsoft Cloud Security Benchmark
  • ,
  • Mitre ATT&CK
  • ,
  • mpa
  • ,
  • New Zealand Information Security Manual
  • ,
  • NIST 800-171
  • ,
  • NIST 800-53
  • ,
  • PDPA
  • ,
  • pipeda

Description

the TLS version for {AzureMySqlFlexibleServer} server, is not configured to v1.2. TLS connectivity helps to provide a new layer of security, by connecting database server to client applications using Transport Layer Security (TLS). Enforcing TLS connections between database server and client applications helps protect against 'man in the middle' attacks by encrypting the data stream between the server and application.