Today I had the opportunity to speak at SQL Saturday #877 in Burlington, MA. As part of my series of talks on Running Azure Securely, my talk today was Running Azure SQL Database Securely and applied to Azure SQL DB and Azure SQL DB Managed Instances.
Some Resources Mentioned
- Azure is in 54 regions around the world
- Azure has met so many compliance standards, they had to get the UX team involved! #goodproblemtohave
- Who logged into my Azure SQL Database?
- Setting up Azure SQL Database auditing (prerequisite for the above technique to figure out who logged in)
- Enable baseline protection policies to better protect accounts
- Business Continuity
- Backing up my Azure SQL Databases (full backups)
- Automatic short-term (up to 35 days) backup window via Azure SQL Database Point in Time Restore
- Which services support Managed Identities? (works with Azure Active Directory – AAD)
- Azure SQL Database Managed Instances are not same as SQL Database
If you know your way around SQL Server, then you will find Azure SQL Database to be familiar territory. But some aspects are more familiar than others, which is especially true for security-related differences.
In this session we review the key differences around identity management and authentication (including multi-factor authentication), managing server credentials (or, even better, not needing to in some cases), how to audit logins (probably not what you expect), an overview of encryption and data masking options, and the supporting role of Azure Key Vault. We will also touch on compliance and disaster recovery to give the complete picture of powerful features you’ll definitely want to know about to protect your data.
This talk will cover relevant capabilities for both traditional Azure SQL Databases and the newer Azure SQL Managed Instances.
This talk assumes you are already familiar with SQL Server or another enterprise database.
(Credit Taiob Ali @SqlWorldWide)