Some organizations are concerned about moving their data to the cloud because of perceived security risks and unfamiliarity with new security paradigms to DB administrators, programmers and application users. Most of the concerns can be addressed by the better understanding of security options available in Azure and SQL Azure.
Azure provides robust security protection and its datacenters are resilient to attack. Azure datacenters are compliant to various regulatory & security requirements like HIPPA, ISO & PCI to name a few and audited regularly. Microsoft uses built-in analytics and comprehensive methodology to detect and respond to malicious behavior within Azure. It’s important to note that, not all datacenters are compliant with all certifications, so choose Azure datacenter based on your requirements.
While Azure is providing secure platform for your data, its your responsibility to take steps to ensure application security.
In this article series, we will discuss different options available in SQL Azure to secure your data. Security can be categorized into below categories:
- Data Access
- Monitoring and logging
- Data Protection
We will look at following features
Data Access
- Restricting access using Firewall administration
- Authentication
- Managing Permissions
Monitoring and logging
- SQL Azure Auditing
Data Protection
- TDE (Transparent Data Encryption)
- Always Encrypted
- Row-Level Security
- Dynamic Data Masking
- In transit data encryption
Once you have a good understanding of your application’s security needs, you can choose appropriate features or combination of features to secure your data.