You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/security/fundamentals/database-security-checklist.md
+11-11Lines changed: 11 additions & 11 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -24,20 +24,20 @@ To help improve security, Azure Database includes a number of built-in security
24
24
25
25
These include:
26
26
27
-
-A firewall that enables you to create [firewall rules](../../sql-database/sql-database-firewall-configure.md) limiting connectivity by IP address,
28
-
-Server-level firewall accessible from the Azure portal
29
-
-Database-level firewall rules accessible from SSMS
30
-
-Secure connectivity to your database using secure connection strings
31
-
-Use access management
32
-
-Data encryption
33
-
-SQL Database auditing
34
-
-SQL Database threat detection
27
+
-A firewall that enables you to create [firewall rules](../../sql-database/sql-database-firewall-configure.md) limiting connectivity by IP address,
28
+
-Server-level firewall accessible from the Azure portal
29
+
-Database-level firewall rules accessible from SSMS
30
+
-Secure connectivity to your database using secure connection strings
31
+
-Use access management
32
+
-Data encryption
33
+
-SQL Database auditing
34
+
-SQL Database threat detection
35
35
36
36
## Introduction
37
37
Cloud computing requires new security paradigms that are unfamiliar to many application users, database administrators, and programmers. As a result, some organizations are hesitant to implement a cloud infrastructure for data management due to perceived security risks. However, much of this concern can be alleviated through a better understanding of the security features built into Microsoft Azure and Microsoft Azure SQL Database.
38
38
39
39
## Checklist
40
-
We recommend that you read the [Azure Database Security Best Practices](database-best-practices.md) article prior to reviewing this checklist. You will be able to get the most out of this checklist after you understand the best practices. You can then use this checklist to make sure that you’ve addressed the important issues in Azure database security.
40
+
We recommend that you read the [Azure Database Security Best Practices](database-best-practices.md) article prior to reviewing this checklist. You will be able to get the most out of this checklist after you understand the best practices. You can then use this checklist to make sure that you've addressed the important issues in Azure database security.
41
41
42
42
43
43
|Checklist Category| Description|
@@ -46,11 +46,11 @@ We recommend that you read the [Azure Database Security Best Practices](database
46
46
| <br> Encryption in Motion/Transit| <ul><li>[Transport Layer Security](https://docs.microsoft.com/windows-server/security/tls/transport-layer-security-protocol), for data encryption when data is moving to the networks.</li><li>Database requires secure communication from clients based on the [TDS(Tabular Data Stream)](https://msdn.microsoft.com/library/dd357628.aspx) protocol over TLS (Transport Layer Security).</li></ul> |
47
47
|<br>Encryption at rest| <ul><li>[Transparent Data Encryption](https://go.microsoft.com/fwlink/?LinkId=526242), when inactive data is stored physically in any digital form.</li></ul>|
48
48
|**Control Access**||
49
-
|<br> Database Access | <ul><li>[Authentication](../../sql-database/sql-database-control-access.md) (Azure Active Directory Authentication) AD authentication uses identities managed by Azure Active Directory.</li><li>[Authorization](../../sql-database/sql-database-control-access.md) grant users the least privileges necessary.</li></ul> |
49
+
|<br> Database Access | <ul><li>[Authentication](../../sql-database/sql-database-manage-logins.md) (Azure Active Directory Authentication) AD authentication uses identities managed by Azure Active Directory.</li><li>[Authorization](../../sql-database/sql-database-manage-logins.md) grant users the least privileges necessary.</li></ul> |
50
50
|<br>Application Access| <ul><li>[Row level Security](https://msdn.microsoft.com/library/dn765131) (Using Security Policy, at the same time restricting row-level access based on a user's identity,role, or execution context).</li><li>[Dynamic Data Masking](../../sql-database/sql-database-dynamic-data-masking-get-started.md) (Using Permission & Policy, limits sensitive data exposure by masking it to non-privileged users)</li></ul>|
51
51
|**Proactive Monitoring**||
52
52
| <br>Tracking & Detecting| <ul><li>[Auditing](../../sql-database/sql-database-auditing.md) tracks database events and writes them to an Audit log/ Activity log in your [Azure Storage account](../../storage/common/storage-create-storage-account.md).</li><li>Track Azure Database health using [Azure Monitor Activity Logs](../../azure-monitor/platform/platform-logs-overview.md).</li><li>[Threat Detection](../../sql-database/sql-database-threat-detection.md) detects anomalous database activities indicating potential security threats to the database. </li></ul> |
53
-
|<br>Azure Security Center| <ul><li>[Data Monitoring](../../security-center/security-center-enable-auditing-on-sql-databases.md) Use Azure Security Center as a centralized security monitoring solution for SQL and other Azure services.</li></ul>|
53
+
|<br>Azure Security Center| <ul><li>[Data Monitoring](../../security-center/security-center-enable-auditing-on-sql-databases.md) Use Azure Security Center as a centralized security monitoring solution for SQL and other Azure services.</li></ul>|
54
54
55
55
## Conclusion
56
56
Azure Database is a robust database platform, with a full range of security features that meet many organizational and regulatory compliance requirements. You can easily protect data by controlling the physical access to your data, and using a variety of options for data security at the file-, column-, or row-level with Transparent Data Encryption, Cell-Level Encryption, or Row-Level Security. Always Encrypted also enables operations against encrypted data, simplifying the process of application updates. In turn, access to auditing logs of SQL Database activity provides you with the information you need, allowing you to know how and when data is accessed.
Copy file name to clipboardExpand all lines: articles/sql-database/elastic-jobs-overview.md
+1-1Lines changed: 1 addition & 1 deletion
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -29,7 +29,7 @@ If you have not used Elastic jobs, [learn more about the job automation concepts
29
29
30
30
1. Create a credential for job execution in the *Job database* using [PowerShell](elastic-jobs-powershell.md) or [T-SQL](elastic-jobs-tsql.md#create-a-credential-for-job-execution).
31
31
2. Define the target group (the databases you want to run the job against) using [PowerShell](elastic-jobs-powershell.md) or [T-SQL](elastic-jobs-tsql.md#create-a-target-group-servers).
32
-
3. Create a job agent credential in each database the job will run [(add the user (or role) to each database in the group)](sql-database-control-access.md). For an example, see the [PowerShell tutorial](elastic-jobs-powershell.md).
32
+
3. Create a job agent credential in each database the job will run [(add the user (or role) to each database in the group)](sql-database-manage-logins.md). For an example, see the [PowerShell tutorial](elastic-jobs-powershell.md).
33
33
4. Create a job using [PowerShell](elastic-jobs-powershell.md) or [T-SQL](elastic-jobs-tsql.md#deploy-new-schema-to-many-databases).
34
34
5. Add job steps using [PowerShell](elastic-jobs-powershell.md) or [T-SQL](elastic-jobs-tsql.md#deploy-new-schema-to-many-databases).
35
35
6. Run a job using [PowerShell](elastic-jobs-powershell.md#run-the-job) or [T-SQL](elastic-jobs-tsql.md#begin-ad-hoc-execution-of-a-job).
0 commit comments