Introduction
This module is designed to empower administrators with the knowledge and skills needed to plan and implement robust security measures for Azure SQL Database and Azure SQL Managed Instance, ensuring data protection and regulatory compliance.
Scenario
Imagine you're a database administrator responsible for managing Azure SQL Database and Azure SQL Managed Instance in your organization. Your databases store sensitive information, and you need to ensure that data is protected from unauthorized access, data breaches, and regulatory non-compliance.
Learning objectives
By the end of this module, participants are able to:
- Plan and implement security measures for Azure SQL Database and Azure SQL Managed Instance to protect sensitive data.
- Enable database authentication using Microsoft Entra ID for secure access control.
- Implement database auditing to track and monitor database activities for compliance and security.
- Identify use cases for the Microsoft Purview governance portal and leverage its capabilities for data governance.
- Implement data classification of sensitive information using the Microsoft Purview governance portal to ensure data protection and compliance.
- Plan and implement dynamic masking to control the exposure of sensitive data in query results.
- Implement Transparent Database Encryption (TDE) to encrypt data at rest for enhanced security.
- Provide recommendations on when to use Azure SQL Database Always Encrypted for client-side data encryption.
Goals
The module aims to equip participants with the knowledge and expertise necessary to design, implement, and manage advanced security measures for Azure SQL Database and Azure SQL Managed Instance. Participants are able to secure data, control access, monitor database activities, and comply with data governance requirements, ultimately protecting sensitive information from potential security threats and regulatory issues.