Moving Your Database to the Cloud

Moving a database management system to the cloud, in whole or in part, necessarily alters the way you approach security, but you’ll quickly find out that securing a SQL Azure cloud database is similar to securing access and applications for SQL Server.

Josh Hoffman’s Securing SQL Azure in TechNet Magazine is great place to start. He takes you through the prerequisite process of
setting up a Windows Azure account, which provides access to Azure services such as SQL Azure.

Hoffman also discusses network access control with the SQL Azure Firewall, the authentication method in SQL Azure and the connection encryption via TDS over an SSL connection.

The SQL Azure team goes into detail on all these topics, and to make it easy to find and move among topics, they have published their SQL Azure Security content to the TechNet Wiki. Starting out, you’ll find that SQL Azure only supports encrypted connections and has two types of access control. As with any implementation of SQL Server, accounts are managed with SQL
Authentication
. And the SQL Azure Firewall restricts access by IP address. For more on these security methods, see the Overview
of Security in SQL Azure
and the Security Guidelines for SQL Azure.

When managing logins and users in a SQL Azure database, there are some restrictions. In his video demonstration How Do
I: Configure SQL Azure Security?
, Max Adams walks through the creation of logins, databases and users, and how to view logins and databases from the master database.

Finally, some common sense best practices can make your SQL Azure database applications less vulnerable to threats:

  • Always use the latest updates and the most current version of tools and libraries.
  • Block inbound connections on TCP port 1433. Only outbound connections on TCP port 1433 are needed for applications to communicate with SQL Azure Database.
  • Use parameterized queries where possible to prevent SQL injection vulnerabilities.
Advertisements

About SCB Enterprises
System Solutions and Integration

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: