Public Preview Refresh of SQL Server Connector for Microsoft Azure Key Vault
For those that missed it, the Public Preview refresh download for the SQL Server Connector for...
Author: Jack Richins Date: 08/27/2015
Row-Level Security for Azure SQL Database is Generally Available
Row-Level Security (RLS) for Azure SQL Database is now generally available. RLS enables you to store...
Author: Tommy Mullaney Date: 08/19/2015
Always Encrypted Key rotation – Column master Key rotation.
Update: The syntax for column master keys have been updated. Please refer to...
Author: Raul Garcia - MS Date: 08/13/2015
Yes, You Really Can
I thought today would be a good day to remind you about Microsoft's stance on customer validation of...
Author: Jack Richins Date: 08/11/2015
Feedback request: Protecting data in SQL
We (the SQL Security product team) would like to better understand the needs and frustrations of...
Author: Tommy Mullaney Date: 07/31/2015
Encrypting Existing Data with Always Encrypted
As you have learned from our previous articles, Always Encrypted is a client-side encryption...
Author: Jakub Szymaszek Date: 07/28/2015
Optimizing RLS performance with the Query Store
In a previous post, we looked at best practices for optimizing the performance of Row-Level Security...
Author: Tommy Mullaney Date: 07/21/2015
Always Encrypted Key Metadata
Note: this article was modified on Nov 1st, 2015 to reflect syntax changes in T-SQL DDL and metadata...
Author: Jakub Szymaszek Date: 07/06/2015
Developing Web Apps using Always Encrypted
In our first post on the Always Encrypted technology, Getting Started with Always Encrypted, we...
Author: Jakub Szymaszek Date: 06/12/2015
Getting Started With Always Encrypted
Updates: The syntax for column master keys have been updated. Please refer to...
Author: Raul Garcia - MS Date: 06/04/2015
Apply Row-Level Security automatically to newly created tables
We have discussed before that applications with multi-tenant databases, including those using...
Author: Raul Garcia - MS Date: 05/22/2015
Using CLR to replace xp_cmdshell for specific tasks
As we have discussed before, xp_cmdshell is a mechanism to execute arbitrary calls into the system...
Author: Raul Garcia - MS Date: 05/20/2015
Recommendations for using Cell Level Encryption in Azure SQL Database
Update: Fixed an error on the sample code. When we introduced Transparent Data Encryption (TDE) to...
Author: Raul Garcia - MS Date: 05/12/2015
How to: Scale out multi-tenant apps using RLS and Elastic Database Tools
In response to a common customer ask, we've published guidance for developing multi-tenant...
Author: Tommy Mullaney Date: 05/07/2015
Announcing Transparent Data Encryption for Azure SQL Database
Available today, SQL Database Transparent Data Encryption (preview) protects your data and helps you...
Author: Jack Richins Date: 04/29/2015
Row-Level Security: Performance and common patterns
This post demonstrates three common patterns for implementing Row-Level Security (RLS) predicates:...
Author: Tommy Mullaney Date: 04/23/2015
Apply Row-Level Security to all tables -- helper script
Developing multi-tenant applications with Row-Level Security (RLS) just got a little easier. This...
Author: Tommy Mullaney Date: 03/30/2015
Row-Level Security: Blocking unauthorized INSERTs
Row-Level Security (RLS) for Azure SQL Database enables you to transparently filter all...
Author: Tommy Mullaney Date: 03/23/2015
Row-Level Security for Middle-Tier Apps – Using Disjunctions in the Predicate
In Building More Secure Middle-Tier Applications with Azure SQL Database using Row-Level Security,...
Author: Raul Garcia - MS Date: 03/16/2015
Updated MSDN Documentation for Azure SQL Database Row-Level Security
Row-Level Security Preview
Author: Jack Richins Date: 01/30/2015
Row-Level Security for Azure SQL Database
I'm so excited to announce that we are deploying Row-Level Security, a programmability feature to...
Author: Jack Richins Date: 01/29/2015
SQL Application Column Encryption Sample (Codeplex) available
To achieve many compliance guidelines on Azure SQL Database, the application needs to encrypt the...
Author: Raul Garcia - MS Date: 09/17/2014
Auditing in Azure SQL Database
I'm very excited to share the hard work some of my peers have been doing - Auditing in Azure SQL...
Author: Jack Richins Date: 08/05/2014
PVKConverter
I'm happy to inform you that if you were looking for a tool from Microsoft to convert PFX files to...
Author: Jack Richins Date: 10/23/2013
Filter SQL Server Audit on action_id / class_type predicate
In SQL Server 2012, Server Audit can be created with a predicate expression (refer to MSDN). This...
Author: Rinku Agarwal Date: 10/03/2012
SQL Server 2012 Best Practices Analyzer
Copied from an internal email from a PM on the team, Jakub -I’m pleased to announce that SQL...
Author: Jack Richins Date: 04/19/2012
Security Best Practice and Label Security Whitepapers
2 New Whitepapers: SQL Server 2012 Security Best Practice white paper (updated link:...
Author: Jack Richins Date: 03/06/2012
Azure Trust Services
Microsoft is working on a new Windows Azure service through SQL Azure Labs, called Trust Services....
Author: Don Pinto Date: 02/17/2012
SQL Azure Security Services
Last week, we released SQL Azure Security Services through SQL Azure Labs. In this initial version...
Author: Bala Neerumalla Date: 02/01/2012
Meet the team at SQL PASS Summit 2011
PASS Summit 2011 is coming to Seattle this week starting October 11th 2011. You'll have the...
Author: Don Pinto Date: 10/11/2011
Data Hashing in SQL Server
A common scenario in data warehousing applications is knowing what source system records to update,...
Author: Don Pinto Date: 08/26/2011
Database Engine Permission Basics
I am posting this on behalf of my colleague Rick Byham, a technical writer on the SQL Server Team....
Author: Don Pinto Date: 08/25/2011
SQL Server 2008 PCI DSS v.2.0 Whitepaper
If PCI compliance with SQL Server is a concern for you, then you'll probably want to check out the...
Author: Il-Sung Date: 07/15/2011
Integrity checks with EncryptByKey
This article is a follow up to “Prevent Tampering of Encrypted Data Using @add_authenticator...
Author: Raul Garcia - MS Date: 04/05/2011
Prevent Tampering of Encrypting Data Using add_authenticator Argument of EncryptByKey
This article is one of several articles discussing some of the best practices for encrypting data....
Author: Raul Garcia - MS Date: 02/21/2011
Revisiting the RC4 / RC4_128 Cipher
The implementation of RC4/RC4_128 in SQL Server does not salt the key and this severely weakens the...
Author: Don Pinto Date: 02/09/2011
Tips for using DB user with password
Creating DB-specific users with password on a contained DB can provide a lot of mobility for...
Author: Raul Garcia - MS Date: 01/18/2011
Contained Database Authentication in depth
To connect with contained user credentials you have to specify contained database in the connection...
Author: Lyudmila Fokina Date: 12/07/2010
Contained Database Authentication: How to control which databases are allowed to authenticate users using logon triggers
With the release of Microsoft SQL Server code-name “Denali” Community Technology Preview...
Author: Raul Garcia - MS Date: 12/06/2010
Contained Database Authentication: Monitoring and controlling contained users
Enabling contained database authentication on an instance allows db owners (and other privileged db...
Author: Lyudmila Fokina Date: 12/03/2010
Contained Database Authentication: Introduction
In Microsoft SQL Server code-name “Denali” Community Technology Preview 1 (CTP1) we...
Author: Lyudmila Fokina Date: 12/02/2010
Guest account in User Databases
Andreas Wolter recently posted yet another reason to keep guest disabled on user databases in SQL...
Author: Jack Richins Date: 09/24/2010
rand vs. crypt_gen_random
Many applications need to generate random data, and in order to help in this task they typically...
Author: Raul Garcia - MS Date: 09/09/2010
Security Checklists on TechNet Wiki
Rick Byham, our wonderful technical writer, just posted some checklists you may find useful on the...
Author: Jack Richins Date: 07/26/2010
DEK and the Log
In my previous post I talked about DEK management and how it is stored in the database. In this post...
Author: Zubair Ahmed Mughal - MSFT Date: 07/13/2010
Database Encryption Key (DEK) management
This post will talk about DEK, what it is and how it is securely stored and managed inside a...
Author: Zubair Ahmed Mughal - MSFT Date: 06/14/2010
TDE, DEK and the LOG
Transparent Database Encryption (TDE) was introduced in SQL Server 2008 to allow users to encrypt...
Author: Zubair Ahmed Mughal - MSFT Date: 06/04/2010
Blocking automated SQL injection attacks
SQL injection attacks have been on the rise in the last two years, mainly because of automated...
Author: Bala Neerumalla Date: 04/27/2010
SQL Server Authentication Troubleshooter
I am posting this article on behalf of my teammate Lyudmila. A new tool to help investigate...
Author: Raul Garcia - MS Date: 03/29/2010