What's the issue?
One or more SQL Server databases have not been backed up in the last week, or one or more databases in Full or Bulk Logged recovery model have not had a transaction log backup in the last hour.
Why is this a problem?
Your recovery point objective (RPO) defines how much data you can afford to lose in case of a catastrophic event, so your should schedule regular backups to meet your RPO. Many organizations will have an RPO stricter than what we are checking, so this check may indicate that you have missed configuring a database to meet your RPO.
What should you do about this?
First, check with your team about your RPO to see what it is. Then review the current backup mechanisms to make sure they are scheduled correctly. You may find it helpful to use @Mode=2 in sp_CheckBackup to see when the different kinds of backups have been occurring.
Vulnerability
Category
What do the Vulnerability Levels mean?
0 - Information only. This is stuff you should know about your instances like version and service account used, but if you don't know it…well, now you do.
1 - High vulnerability requiring action. These are the issues that could most likely lead to your company being front page news for all the wrong reasons. If your instances have any results at this level then we recommend cancelling that 3-martini lunch and instead huddling with your team to figure out when to address these issues.
2 - High vulnerability to review. These include settings and assigned permissions you should review soon, if not immediately. These findings may not necessarily indicate a clear vulnerability, but we've found unexpected vulnerabilities in these categories at many, many clients.
3 - Potential vulnerability to review. These are configurations or assigned permissions you may be using that could lead to problems for users. Or maybe they're just required for your applications. Either way, we recommend reviewing these to make sure these are correct.
4 – Low vulnerability with recommended action. These are typically security inconsistencies that should be addressed. They aren't likely to cause problems, but you should clean up the mess.