Data
Reader small image

You're reading from  Professional Azure SQL Database Administration

Product typeBook
Published inJul 2018
Reading LevelBeginner
PublisherPackt
ISBN-139781789538854
Edition1st Edition
Languages
SQL
Tools
Azure
Concepts
Database Administration
Right arrow
Author (1)
Ahmad Osama
Ahmad Osama
author image
Ahmad Osama

Ahmad Osama works for Pitney Bowes Pvt. Ltd. as a technical architect and is a former Microsoft Data Platform MVP. In his day job, he works on developing and maintaining high performant, on-premises and cloud SQL Server OLTP environments as well as deployment and automating tasks using PowerShell. When not working, Ahmad blogs at DataPlatformLabs and can be found glued to his Xbox.
Read more about Ahmad Osama

Right arrow

Chapter 5. Securing an Azure SQL Database

Security is a major concern for organizations when migrating to the cloud, and so organizations are hesitant to move to this form of storage. Microsoft provides strong security protection at the physical, logical, and data layers of Azure services. Microsoft data centers are among the most secure data centers in the world.

Azure SQL Database provides multiple layers of security to control access to the databases using SQL Server or Active Directory ( AD) authentication as well as firewall rules, which limits access to the data through role-based permissions and Row-Level Security.

Azure SQL Database provides proactive security using Dynamic Data Masking, automating auditing, and Threat Detection.

It also provides Transparent Data Encryption to encrypt the data at rest and Always Encrypted to encrypt the data at rest or in motion.

This chapter teaches the students about all of these security mechanisms and how to implement and use them to secure...

Access Control

Azure SQL Database limits access to the database through firewall rules, which are authentication techniques which require users to log in to the database with a valid username and password. Azure SQL Database further controls access to the underlying data through role-based permissions and Row-Level security. We'll now look into different access control methods in detail.

Firewall Rules

Azure SQL Database uses firewall rules to limit access to authorized IPs and block access to unauthorized IPs. It's the first level of access control provided by Azure SQL Database. The firewall rules can be created at the server-level and at the database-level.

When a SQL database is provisioned, it's inaccessible to everyone. To make it accessible, you would first need to add a server-level firewall rule. A firewall allows an IP or range of IP addresses to connect to an Azure SQL Database. You can then create database firewall rules to enable certain clients to access individual secure...

Proactive Security

Azure SQL Database provides Auditing and Threat detection to proactively protect it from malicious attacks.

Auditing

Auditing tracks and records database events to an audit log in a given Azure Storage account. Auditing can help you to:

  • Maintain regulatory compliance

  • Understand database activity

  • Catch discrepancies or anomalies indicating a security violation

Auditing allows you to:

  • Define what database actions are to be audited

  • Find unusual activity or trends by using preconfigured reports and dashboards to understand and analyze the audit log

Auditing can be configured at the server-level and database-level. If auditing is configured at the server level, it'll automatically apply to all of the databases in the server. Auditing configured at the database will only apply to a particular database.

It's recommended to audit the server instead of auditing individual databases.

Configure Auditing for Azure SQL Server

In this section, we’ll configure auditing for the toyfactory...

Summary

Security is one of the deciding factors for an organization when opting to put their data in the cloud. Microsoft provides the best security by not only securing the Azure SQL Database, but by also securing the data centers.

To connect to an Azure SQL Database, the machines or the client IP address should exist in the firewall settings. If not, the connection request is denied.

Azure SQL Database allows SQL and Windows Authentication as well. An organization can sync their domain with Azure, thereby allowing users to connect from domain accounts instead of SQL logins. Organizations can also create Active Directory Groups and give access to the group instead of giving access to individual user domain accounts.

In addition to this, you can use Row-Level security and dynamic data masking to further secure the data by allowing users to only see the data they need in order to do their work.

Azure SQL Database also provides proactive monitoring to detect threats such as SQL injection as and...

lock icon
The rest of the chapter is locked
Previous Chapter
Chapter 8 of 13
Next Chapter
You have been reading a chapter from
Professional Azure SQL Database Administration
Published in: Jul 2018Publisher: PacktISBN-13: 9781789538854
© 2018 Packt Publishing Limited All Rights Reserved
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Sign up now
undefined
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Start free trial
Renews at $15.99/month. Cancel anytime

Author (1)

author image
Ahmad Osama

Ahmad Osama works for Pitney Bowes Pvt. Ltd. as a technical architect and is a former Microsoft Data Platform MVP. In his day job, he works on developing and maintaining high performant, on-premises and cloud SQL Server OLTP environments as well as deployment and automating tasks using PowerShell. When not working, Ahmad blogs at DataPlatformLabs and can be found glued to his Xbox.
Read more about Ahmad Osama

Other recommended products

Related to this chapter

Professional Azure SQL Database Administration

Professional Azure SQL Database Administration

This book is your one-stop solution to learning all that is needed to migrate a traditional on-premise SQL server database to a cloud-based solution with Microsoft Azure. Built with database administrators in mind, this book emulates different scenarios you might come across while working with large, complex SQL database migrations and provides solutions for effectively managing the migrated databases.

BookJul 2019562 pages
Professional Azure SQL Managed Database Administration

Professional Azure SQL Managed Database Administration

Whether it is learning different techniques to monitor and tune an Azure SQL database or improving performance using in-memory technology, this book will enable you to make the most out of Azure SQL database features and functionality for data management solutions.

BookMar 2021724 pages
Azure Data Engineering Cookbook

Azure Data Engineering Cookbook

This book will help you design and implement modern ETL workflows along with data management, monitoring, and security aspects to meet the current organization's needs. You will use various services such as Azure Data Factory, Azure Databricks, Azure Stream Analytics, and Azure Data Explorer to design efficient data processing solutions.

BookApr 2021454 pages
Professional SQL Server High Availability and Disaster Recovery

Professional SQL Server High Availability and Disaster Recovery

The Professional SQL Server High Availability and Disaster Recovery book explains the high availability and the disaster recovery technologies, their technical implementation, and different topologies that you can use when creating a highly available infrastructure with hybrid topologies.

BookJan 2019564 pages
Learning Microsoft Azure Storage

Learning Microsoft Azure Storage

Microsoft Azure Storage is the bedrock of Microsoft's core storage solution offering in Azure. No matter what solution you are building for the cloud, you'll find a compelling use for Azure Storage. This book will help you get up-to-speed quickly on Microsoft Azure Storage by teaching you how to use the different storage services. You will be able to leverage secure design patterns based on real-world scenarios and develop a strong storage foundation for Azure virtual machines.

BookNov 2017276 pages
Learn T-SQL Querying

Learn T-SQL Querying

T-SQL is an extension of the SQL language which allows you to tackle advanced querying and query-tuning challenges in SQL Server and Azure SQL Database. This book will be a perfect reference for you to write more efficient T-SQL code to perform simple-to-advanced tasks for data management and data analysis.

BookMay 2019484 pages
Learn Microsoft Azure

Learn Microsoft Azure

Microsoft Azure is a cloud computing platform that helps you build, deploy, and manage applications to overcome your business challenges. This book covers the commonly used Azure services and also explains how you effectively integrate and utilize them.

BookDec 2018354 pages
Hands-On Cloud Administration in Azure

Hands-On Cloud Administration in Azure

Cloud offers new opportunities and more and more features every day. All services hosted in local Data Centers are now available in Azure. In this book, we’ll show you how to work in Azure and how to use Azure resources to your advantage.

BookOct 2018390 pages
SQL Server 2019 Administrator's Guide

SQL Server 2019 Administrator's Guide

This book will give you all the information you need to become an expert database administrator and master the administrative aspects of SQL Server 2019. From setting up and configuring your SQL Server instance to fine-tuning your database, this extensive guide will teach you the nitty-gritty of SQL Server 2019 administration.

BookSep 2020522 pages
Implementing Microsoft Azure Architect Technologies: AZ-303 Exam Prep and Beyond

Implementing Microsoft Azure Architect Technologies: AZ-303 Exam Prep and Beyond

Microsoft Azure Architect - Exam Guide AZ-303 is a complete guide to mastering topics related to Azure Architect practices. With detailed coverage of concepts and techniques, you’ll gain the knowledge and skills required to take and pass the AZ-303 exam and become a Microsoft Azure Architect expert.

BookDec 2020548 pages
SQL Server 2017 Administrator's Guide

SQL Server 2017 Administrator's Guide

This book will give you all the information you need to become an expert database administrator, and master the administrative aspects of SQL Server 2017. From setting up and configuring your SQL Server instance to fine-tuning your database, this extensive guide will teach you the nitty-gritty of SQL Server 2017 administration.

BookDec 2017434 pages
SQL Server on Azure Virtual Machines

SQL Server on Azure Virtual Machines

This book will teach you how to harness the capabilities of SQL Server and the cloud database by taking you through the steps to deploy the server in Azure virtual machine effectively.

BookJun 2020200 pages

Personalised recommendations for you

Based on your interests and search pattern

Et al.

Et al.

Ever wonder why speech recognition systems don't understand the Scottish accent, or what would happen if an astronaut only ate mac 'n' cheese, or other spurious reflections you'd have at a bar? We did, then collated those deliberations into absurd research articles with fake figures and methodologies inspired by even more fictionally absurd studies.

BookAug 2023230 pages5
Generative AI with LangChain

Generative AI with LangChain

This book is a comprehensive introduction to LLMs and LangChain, demystifying the basic mechanics of LangChain, its functionalities, and the myriad of applications it can be integrated into.

BookDec 2023360 pages4
Generative AI with LangChain

Generative AI with LangChain

This book is a comprehensive introduction to LLMs and LangChain, demystifying the basic mechanics of LangChain, its functionalities, and the myriad of applications it can be integrated into.

BookDec 2023360 pages5
Generative AI with LangChain

Generative AI with LangChain

This book is a comprehensive introduction to LLMs and LangChain, demystifying the basic mechanics of LangChain, its functionalities, and the myriad of applications it can be integrated into.

BookDec 2023360 pages1
Generative AI with LangChain

Generative AI with LangChain

This book is a comprehensive introduction to LLMs and LangChain, demystifying the basic mechanics of LangChain, its functionalities, and the myriad of applications it can be integrated into.

BookDec 2023360 pages5
Mastering Tableau 2023

Mastering Tableau 2023

This book is a comprehensive resource to mastering your Tableau skills and becoming a BI expert. As you progress, you will learn how to build advanced dashboards and improve your storytelling to derive key business insight, as well as make you well-versed with advanced functionalities of Tableau in the business intelligence domain.

BookAug 2023684 pages
Building AI Applications with ChatGPT APIs

Building AI Applications with ChatGPT APIs

This guide covers all ChatGPT API features for effortless creation of robust AI powered apps. With its help, you’ll be able to leverage ChatGPT’s cutting-edge NLP models to take your app development skills to the next level. You’ll also work on ten exciting projects that will give you the practical know-how that you can apply to your existing applications.

BookSep 2023258 pages5
Building AI Applications with ChatGPT APIs

Building AI Applications with ChatGPT APIs

This guide covers all ChatGPT API features for effortless creation of robust AI powered apps. With its help, you’ll be able to leverage ChatGPT’s cutting-edge NLP models to take your app development skills to the next level. You’ll also work on ten exciting projects that will give you the practical know-how that you can apply to your existing applications.

BookSep 2023258 pages2
Data Engineering with AWS

Data Engineering with AWS

Embark on a journey to master data engineering pipelines on AWS! Our book offers a hands-on experience of AWS services for ingesting, transforming, and consuming data. Whether you're an absolute beginner or someone with basic data engineering experience, this guide is an indispensable resource.

BookOct 2023636 pages5
Modern Data Architecture on AWS

Modern Data Architecture on AWS

Every organization wants an agile, performant, and cost-effective data platform that meets all their current and future business needs. Purpose-built AWS analytics services and their features play a big part in building such a modern data platform. This book brings to you all the design and architectural patterns that’ll help you achieve this goal.

BookAug 2023420 pages5
Practical Guide to Applied Conformal Prediction in Python

Practical Guide to Applied Conformal Prediction in Python

Discover the power of Conformal Prediction with the "Practical Guide to Applied Conformal Prediction in Python." Master the latest techniques to quantify uncertainty in machine learning and computer vision models, and seamlessly apply them to your industry applications.

BookDec 2023240 pages
TinyML Cookbook

TinyML Cookbook

With over 70 project-based recipes, the TinyML Cookbook is a practical guide that will help you to get the most out of your microcontrollers. It provides a comprehensive understanding of the theoretical foundations while giving you hands-on experience training ML models for deployment on Arduino Nano 33 BLE Sense, Raspberry Pi Pico, and SparkFun RedBoard Artemis Nano microcontrollers.

BookNov 2023664 pages