Ensure that your Microsoft Azure SQL managed instances are using the latest supported version of the TLS protocol (i.e. TLS 1.2) for inbound connections in order to enhance security by providing stronger encryption, protecting data integrity, reducing vulnerabilities to cyber attacks, and maintaining compatibility with modern browsers.
The Transport Layer Security (TLS) protocol addresses network security problems such as tampering and eavesdropping between a client and a server. Using weak and deprecated TLS protocols can increase opportunities for malicious activities such as hacking, Man-in-the-Middle (MITM), and downgrade attacks. Therefore, it is strongly recommended to use the latest TLS version supported by Microsoft Azure SQL.
Audit
To determine the TLS version configured for your Microsoft Azure SQL managed instances, perform the following operations:
Remediation / Resolution
To ensure that your Microsoft Azure SQL managed instances are using the latest supported version of the TLS protocol, perform the following operations:
References
- Azure Official Documentation
- What is Azure SQL?
- Configure minimal TLS version in Azure SQL Managed Instance
- Azure Command Line Interface (CLI) Documentation
- az sql mi list
- az sql mi show
- az sql mi update