You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
description: Use the Azure database security checklist to make sure that you address important cloud computing security issues.
4
4
services: security
5
5
documentationcenter: na
6
-
author: unifycloud
7
-
manager: barbkess
8
-
editor: tomsh
6
+
author: terrylanfear
7
+
manager: rkarlin
9
8
10
9
ms.assetid:
11
-
ms.service: information-protection
12
-
ms.subservice: aiplabels
10
+
ms.service: security
11
+
ms.subservice: security-fundamentals
13
12
ms.topic: article
14
13
ms.tgt_pltfrm: na
15
14
ms.workload: na
16
-
ms.date: 11/21/2017
17
-
ms.author: tomsh
15
+
ms.date: 01/29/2023
16
+
ms.author: terrylan
18
17
---
19
18
20
19
# Azure database security checklist
21
20
22
-
To help improve security, Azure Database includes a number of built-in security controls that you can use to limit and control access.
21
+
To help improve security, Azure Database includes many built-in security controls that you can use to limit and control access.
23
22
24
-
These include:
23
+
Security controls include:
25
24
26
-
- A firewall that enables you to create [firewall rules](/azure/azure-sql/database/firewall-configure) limiting connectivity by IP address,
27
-
- Server-level firewall accessible from the Azure portal
28
-
- Database-level firewall rules accessible from SSMS
29
-
- Secure connectivity to your database using secure connection strings
30
-
- Use access management
31
-
- Data encryption
32
-
- SQL Database auditing
33
-
- SQL Database threat detection
25
+
* A firewall that enables you to create [firewall rules](/azure/azure-sql/database/firewall-configure) limiting connectivity by IP address,
26
+
* Server-level firewall accessible from the Azure portal
27
+
* Database-level firewall rules accessible from SSMS
28
+
* Secure connectivity to your database using secure connection strings
29
+
* Use access management
30
+
* Data encryption
31
+
* SQL Database auditing
32
+
* SQL Database threat detection
34
33
35
34
## Introduction
36
35
Cloud computing requires new security paradigms that are unfamiliar to many application users, database administrators, and programmers. As a result, some organizations are hesitant to implement a cloud infrastructure for data management due to perceived security risks. However, much of this concern can be alleviated through a better understanding of the security features built into Microsoft Azure and Microsoft Azure SQL Database.
37
36
38
37
## Checklist
39
-
We recommend that you read the [Azure Database Security Best Practices](/azure/azure-sql/database/security-best-practice) article prior to reviewing this checklist. You will be able to get the most out of this checklist after you understand the best practices. You can then use this checklist to make sure that you've addressed the important issues in Azure database security.
38
+
We recommend that you read the [Azure Database Security Best Practices](/azure/azure-sql/database/security-best-practice) article prior to reviewing this checklist. You'll be able to get the most out of this checklist after you understand the best practices. You can then use this checklist to make sure that you've addressed the important issues in Azure database security.
40
39
41
40
42
41
|Checklist Category| Description|
@@ -52,11 +51,11 @@ We recommend that you read the [Azure Database Security Best Practices](/azure/a
52
51
|<br>Microsoft Defender for Cloud| <ul><li>[Data Monitoring](../../security-center/security-center-remediate-recommendations.md) Use Microsoft Defender for Cloud as a centralized security monitoring solution for SQL and other Azure services.</li></ul>|
53
52
54
53
## Conclusion
55
-
Azure Database is a robust database platform, with a full range of security features that meet many organizational and regulatory compliance requirements. You can easily protect data by controlling the physical access to your data, and using a variety of options for data security at the file-, column-, or row-level with Transparent Data Encryption, Cell-Level Encryption, or Row-Level Security. Always Encrypted also enables operations against encrypted data, simplifying the process of application updates. In turn, access to auditing logs of SQL Database activity provides you with the information you need, allowing you to know how and when data is accessed.
54
+
Azure Database is a robust database platform, with a full range of security features that meet many organizational and regulatory compliance requirements. You can easily protect data by controlling the physical access to your data, and using various options for data security at the file-, column-, or row-level with Transparent Data Encryption, Cell-Level Encryption, or Row-Level Security. Always Encrypted also enables operations against encrypted data, simplifying the process of application updates. In turn, access to auditing logs of SQL Database activity provides you with the information you need, allowing you to know how and when data is accessed.
56
55
57
56
## Next steps
58
57
You can improve the protection of your database against malicious users or unauthorized access with just a few simple steps. In this tutorial you learn to:
59
58
60
-
- Set up [firewall rules](/azure/azure-sql/database/firewall-configure) for your server and or database.
61
-
- Protect your data with [encryption](/sql/relational-databases/security/encryption/sql-server-encryption).
1. Navigate to [Publisher Support](https://support.microsoft.com/en-us/getsupport?wf=0&tenant=ClassicCommercial&oaspworkflow=start_1.0.0.0&locale=en-us&supportregion=en-us&pesid=16230&ccsid=636450758943226673) and sign in with your Microsoft credentials.
22
-
2. Select "Security Event" as the Problem Type and choose between the "Security Incident" and "Vulnerability" categories.
20
+
Visit the [Microsoft Security Response Center](https://msrc.microsoft.com/create-report) (MSRC) to report a security specific issue.
23
21
24
-
25
-
26
-
3. After you select the Problem Type and Category, click the '**Start request**' button. Provide the following information to help us better understand the issue.
27
-
28
-
i. What is the problem and/or vulnerability?
29
-
30
-
ii. For vulnerabilities, please provide the CVE (mitre.org) or the filled out CVSS3 v3 calculator (https://www.first.org/cvss/calculator/3.0).
31
-
32
-
iii. Is there a resolution or mitigation? If yes, then please provide the remediation steps.
33
-
34
-
iv. Do you have a message that you want to send to customers? We will work with you to craft an appropriate message if applicable.
35
-
36
-
4. Submission confirmation - Once you have submitted your issue, we will acknowledge receipt within one business day and assign your issue a priority and severity.
37
-
38
-
- If you need to communicate with us about your issue, use the confirmation number in all correspondence.
39
-
- You can view progress on your issue at any time.
40
-
41
-
5. What happens next? Depending on the issue and severity, the following steps may be taken:
42
-
43
-
- We will communicate the outcome of our assessment to you. Depending on the outcome, we may remove or request that you modify your offering. In this event, we will work with you to ensure that disruption to impacted customers is minimized.
44
-
- We will work with you to help mitigate the impact of the incident/vulnerability for our mutual customers.
22
+
You can also create a tailored, Azure support request in the Azure portal. Visit the Azure portal [here](https://ms.portal.azure.com/#create/Microsoft.Support). Follow the prompts to receive recommended solutions or to log a support request.
45
23
24
+
## Next steps
25
+
[MSRC](https://msrc.microsoft.com/create-report) is part of the security community. Learn how MSRC helps to protect customers and the broader ecosystem.
0 commit comments