Improving your Database Security with Microsoft Azure

If you are interested in migrating to a cloud database but concerned about security issues, look no further. Hybrid and cloud native databases do have their own set of security concerns, but if you go with a trusted company and maintain it appropriately, you have nothing to fear. In fact, cloud databases can be more secure since they have access to the most advanced security protocols and automatic updates.

Cloud native databases, or DBaaS (Database as a Service) platforms are databases hosted and maintained by third party providers. Operating a DBaaS means that your company will access data through the internet instead of through your internal network. DBaaS solutions offer great benefits for organizations in today’s “Big Data” arena. DBaaS is more scalable and flexible than traditional VM databases. It also eliminates the hardware requirements of maintain a database system. It is crucial to understand and trust the security protocols of your cloud provider before making the switch.

Microsoft Azure is at the top of the list when it comes to cloud database offerings. It is a particularly good choice for the security conscious client. Microsoft in general, and particularly Azure, have a long history of prioritizing security for its products. Recent developments have made it even easier to manage than before, with SQL Advanced Threat Protection. This new service brings additional levels of access control, data masking/encryption, and threat detection.

The SQL Advanced Threat Protection package includes 3 services to help you identify and resolve security issues.

• SQL Vulnerability Assessment – This is a service that can help you identify and resolve vulnerability issues on your Azure SQL Databases. As part of the Advanced Threat Protection (ATP) package, it can help maintain an extra level of security for those concerned with regulation compliance or particularly dynamic database environments. The service can “flag security vulnerabilities and highlight deviations from best practices, such as misconfigurations, excessive permissions, and unprotected sensitive data.” The best part about the service is that it doesn’t just identify vulnerability issues, it prepares suggestions for remediation. Read more about the Microsoft SQL Vulnerability Assessment here.

• Data Discovery & Classification – This service scans your database to help you identify potentially sensitive information so that you can appropriately limit access and mask this information. It identifies the location of sensitive data and recommends additional action to improve the security on those columns. This is particularly useful for auditing purposes and can help those interested in GDPR compliance measures. Currently, this service is in preview, but it won’t be long before it is released for general availability. Read more about Data Discovery and Classification here.

• Threat Detection – This service monitors and alerts users to potentially threatening activity. It identifies vulnerabilities, attacks, unusual query patterns and access points and alerts users when these are identified. It also provides recommended actions to remedy the potential threats, really simplifying the protection process for the user. This service integrates with Azure Security Center to provide a seamless experience. Read more about SQL Database Threat Detection here.

These services compliment Azure Security Center to round out one of the most comprehensive security packages in the industry. With the value of sensitive data and the increasing regulations to protect that data, it’s more important than ever to make sure your system is up to the challenge. Dobler Consulting is a full spectrum database administration firm and a Microsoft Gold Partner. If you are interested in learning more about Microsoft Azure’s database and security give us a call. To learn more about how Dobler Consulting can help your company improve your database security, visit or call us at +1 (813) 322-3240 (US) /+1 (416) 646-0651 (Canada).

Leave a Comment

Your email address will not be published. Required fields are marked *