Azure database security checklist
To help improve security, Azure Database includes many built-in security controls that you can use to limit and control access.
Security controls include:
- A firewall that enables you to create firewall rules limiting connectivity by IP address,
- Server-level firewall accessible from the Azure portal
- Database-level firewall rules accessible from SSMS
- Secure connectivity to your database using secure connection strings
- Use access management
- Data encryption
- SQL Database auditing
- SQL Database threat detection
Introduction
Cloud computing requires new security paradigms that are unfamiliar to many application users, database administrators, and programmers. As a result, some organizations are hesitant to implement a cloud infrastructure for data management due to perceived security risks. However, much of this concern can be alleviated through a better understanding of the security features built into Azure and Azure SQL Database.
Checklist
We recommend that you read the Azure Database Security Best Practices article prior to reviewing this checklist. You'll be able to get the most out of this checklist after you understand the best practices. You can then use this checklist to make sure that you've addressed the important issues in Azure database security.
Checklist Category | Description |
---|---|
Protect Data | |
Encryption in Motion/Transit |
|
Encryption at rest |
|
Control Access | |
Database Access |
|
Application Access |
|
Proactive Monitoring | |
Tracking & Detecting |
|
Microsoft Defender for Cloud |
|
Conclusion
Azure Database is a robust database platform, with a full range of security features that meet many organizational and regulatory compliance requirements. You can easily protect data by controlling the physical access to your data, and using various options for data security at the file-, column-, or row-level with Transparent Data Encryption, Cell-Level Encryption, or Row-Level Security. Always Encrypted also enables operations against encrypted data, simplifying the process of application updates. In turn, access to auditing logs of SQL Database activity provides you with the information you need, allowing you to know how and when data is accessed.
Next steps
You can improve the protection of your database against malicious users or unauthorized access with just a few simple steps. In this tutorial you learn to:
- Set up firewall rules for your server and or database.
- Protect your data with encryption.
- Enable SQL Database auditing.