Ensure that 'Data encryption' is set to 'On' on a SQL Database
Why This Matters
Without transparent data encryption, your SQL databases store data in plaintext on disk, making backups and transaction logs vulnerable to unauthorized access if physical media is stolen or improperly disposed of. Enabling encryption at rest ensures that even if an attacker gains access to storage files, the data remains unreadable without the encryption keys. This is a fundamental protection for sensitive data in regulated environments.
What Aether365 Checks
Aether365 verifies that the Data Encryption setting is enabled for each Azure SQL Database in your subscription. This check appears in the Aether365 dashboard under the azure-sql-server compliance group.