Ensure that Microsoft Azure SQL databases have a sufficient Point in Time Restore (PITR) backup retention period configured for security and compliance purposes. Azure SQL service automatically creates database backups that are kept between 7 and 35 days. The SQL service uses Azure read-access geo-redundant storage (RA-GRS) to ensure that the backups are preserved even if the primary datacenter becomes unavailable. Prior to running this rule by the Cloud Conformity engine, the PITR backup retention period must configured within the rule settings, on the Cloud Conformity account dashboard. The supported values are: 1, 7, 14, 21, 28 and 35 days. Azure default backup short term retention days setting is 7.
This rule resolution is part of the Cloud Conformity Security & Compliance tool for Azure
Having an optimal backup retention period set for Azure SQL databases will enforce your backup strategy to follow the best practices as specified in the compliance regulations promoted within your organization. Retaining point-in-time SQL database backups for a longer period of time will allow you to handle more efficiently your data restoration process in the event of a failure.
To determine if your Azure SQL databases have a sufficient PITR backup retention period configured, perform the following actions:
Remediation / Resolution
To configure the right Point in Time Restore (PITR) backup retention period for your Microsoft Azure SQL database servers, perform the following actions:
Unlock the Remediation Steps
Gain free unlimited access
to our full Knowledge Base
Over 750 rules & best practices
You are auditing:
Check for Sufficient Point in Time Restore (PITR) Backup Retention Period
Risk level: Medium