The foremost important aspect of SQL Azure or on-premise environment is security. As we come across many companies being concerned more about performance alone, another important aspect to consider is the security perspective as well.
We would now do a quick walk-through of some of the key security features which are available in SQL Azure as listed below :
Threat Protection: Data Dictionary & Classification
Server Level Auditing
Dynamic Data Masking
Threat Protection: Vulnerability Assessment
Threat Protection: Thread Deduction
Firewall: Access to azure services
Firewall: Client IP access
Transparent data encryption by default is enabled in the new SQL Azure environment. TDE helps to protect database by blocking unknown connections to SQL database. TDE performs real time encryption & decryption while sending or receiving data. For more information about data encryption, following article would be a good read
Data dictionary & classification:
One of the important security features which is available on SQL azure. Currently it is in preview. This feature helps to identify the user connections accessing sensitive data. This feature helps financial organisations to track users accessing highly sensitive data, for example- Amount, address, phone numbers, etc.,
Server level Audit:
Audit helps to manage database usage as per the compliance or regulation by tracking database changes used for future investigation and analysis.
Dynamic data masking:
This feature helps to mask or hide the actual data from a particular or group of users. We can mask data like email ID, phone number etc to protect data breach. For more information about data masking do follow the below link
VA helps to identify the security gaps in SQL azure environment. Enabling this feature helps to report in case of any vulnerability. VA comes along with the solution.
It helps to detect anonymous connections accessing SQL azure database. Notification options are also available.
Lots of options are available on Azure cloud to restrict client access to SQL database. By default, it allows all client IPs to access SQL database. Restricting or limiting the IPs is feasible through various options both in the database and server level firewall.
Contact Geopits for any security implementation, audit or compliance management.