This is the first in a short series of blogs and videos that show some of the basic and advanced security features of Microsoft Azure Data Security. In this video we share the top 3 common risks we see customers exposed to, and how to mitigate them. We also provide an overview of the Azure SQL Server firewall options, including making connections completely private using Azure Private Link.

In this short video intro to the series, we go into detail on the above topics and show how to completely lock down Azure SQL Server to private networks only.

The illustration below, taken from the video, shows how on-premises networks can connect to Azure PaaS resources via ExpressRoute and Private Link to establish a completely private internal connection.

Access PaaS via ExpressRoute or VPN on internal address

Top 3 Common Azure Security Data Risks

1. Lack of Role Based Access

Lack of proper access controls can provide users with the ability to make server and network level changes, thus increasing the risk of potential data exposure.

2. Network Level Security

Leaving network ports and public endpoints exposed to the internet invites hackers to try to get into your systems, and sometimes they succeed. Limit exposure by locking down or closing off public internet endpoints.

3. Data Protection, Insights and Monitoring

With little or no insight into confidential data, organisations cannot know exactly where this data is, who is accessing it, or from where. The advanced data security capabilities in Azure help avoid this, increasing control and reducing the risk of data exposure.
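
For risk 2 and the Azure SQL Server firewall options mentioned in the introduction, the following added example (not from the video or from Microsoft) audits one server's public exposure. It assumes JSON in the shape returned by `az sql server show` and `az sql server firewall-rule list`; the server name, rule names, addresses and the 256-address review threshold are constructed for illustration.

```python
import ipaddress
import json

# Constructed sample data in the shape of `az sql server show` and
# `az sql server firewall-rule list` JSON output; names and addresses are made up.
SERVER = json.loads('{"name": "sql-demo-01", "publicNetworkAccess": "Enabled"}')
RULES = json.loads("""[
  {"name": "AllowAllWindowsAzureIps", "startIpAddress": "0.0.0.0", "endIpAddress": "0.0.0.0"},
  {"name": "temp-open", "startIpAddress": "0.0.0.0", "endIpAddress": "255.255.255.255"},
  {"name": "branch-office", "startIpAddress": "203.0.113.0", "endIpAddress": "203.0.115.255"},
  {"name": "admin-workstation", "startIpAddress": "198.51.100.7", "endIpAddress": "198.51.100.7"}
]""")

MAX_RANGE = 256  # assumption: review threshold for addresses per rule


def audit(server, rules, max_range=MAX_RANGE):
    """Return (name, finding) tuples describing public exposure of one server."""
    if server.get("publicNetworkAccess") == "Disabled":
        # Public endpoint is off: only private endpoint connections are accepted.
        return []
    findings = [(server["name"], "public network access is enabled")]
    for rule in rules:
        start = ipaddress.IPv4Address(rule["startIpAddress"])
        end = ipaddress.IPv4Address(rule["endIpAddress"])
        size = int(end) - int(start) + 1
        if int(start) == 0 and int(end) == 0:
            # Special rule: admits traffic from any Azure service, in any tenant.
            findings.append((rule["name"], "allows all Azure services"))
        elif int(start) == 0 and int(end) == 2**32 - 1:
            findings.append((rule["name"], "allows the entire internet"))
        elif size > max_range:
            findings.append((rule["name"], f"wide range: {size} addresses"))
    return findings


if __name__ == "__main__":
    for name, finding in audit(SERVER, RULES):
        print(f"{name}: {finding}")
```
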

Please join us in part two, where we show exactly what the scenarios shown in part one look like in Azure. The following environment will be used to simulate a connection from an on-premises network through to a PaaS object using only private networks.

Azure Private Link Demo from On Prem to PaaS

