TechNet Flash, Volume 13, Issue 16 - July 27, 2011
TechNet Flash Editor's Note from Mitch Irsfeld
Moving a database management system to the cloud, in whole or in part, necessarily alters the way you approach security, but you'll quickly find out that securing a SQL Azure cloud database is similar to securing access and applications for SQL Server. In the new TechNet feature package, we look at the various features and techniques available to secure your SQL Azure installation.
Securing SQL Azure in TechNet Magazine is great place to start. He takes you through the prerequisite process of setting up a Windows Azure account, which provides access to Azure services such as SQL Azure.
Hoffman also discusses network access control with the SQL Azure Firewall, the authentication method in SQL Azure and the connection encryption via TDS over an SSL connection.
The SQL Azure team goes into detail on all these topics, and to make it easy to find and move among topics, they have published their SQL Azure Security content to the
TechNet Wiki. Starting out, you'll find that SQL Azure only supports
encrypted connections and has two types of access control. As with any implementation of SQL Server, accounts are managed with
SQL Authentication. And the
SQL Azure Firewall restricts access by IP address. For more on these security methods, see the
Overview of Security in SQL Azure and the
Security Guidelines for SQL Azure.
When managing logins and users in a SQL Azure database, there are some restrictions. In his video demonstration
How Do I: Configure SQL Azure Security?, Max Adams walks through the creation of logins, databases and users, and how to view logins and databases from the master database.
Finally, some common sense best practices can make your SQL Azure database applications less vulnerable to threats:
- Always use the latest updates and the most current version of tools and libraries.
- Block inbound connections on TCP port 1433. Only outbound connections on TCP port 1433 are needed for applications to communicate with SQL Azure Database.
- Use parameterized queries where possible to prevent SQL injection vulnerabilities.
Thanks for reading,
Editor, TechNet Flash
Subscribe to the
TechNet Flash Feed blog for news updates as they happen, often several times a day.