Secure SQL Server Database Design - Tactics and Technology

Explore secure SQL Server database design tactics and technologies in this comprehensive conference talk from PASS Data Community Summit. Learn strategies for implementing security-first principles when designing and building applications, starting with the database layer. Discover simple design decisions for tables, views, stored procedures, and database roles that enhance security. Delve into built-in SQL Server security technologies, including Always Encrypted, Row-Level Security, Dynamic Data Masking, Transparent Data Encryption, and SQL Server Audit. Gain insights on retrofitting security features onto existing databases and adapting data access from applications. Understand the importance of securing various data objects, using roles for group permissions, and implementing built-in security features to protect against data breaches.

Syllabus

Intro
About Dan
Session Evaluations
Disclaimer
Agenda
Data Breach Statistics
What Data Do We Need to Secure
Data Objects
Tables
Code
Stored Procedures
Secure All Objects
Use Roles
Group Permissions
Builtin Features
Always Encrypted
Row Level Security
Data Masking
Data Masking Demo
Transparent Data Encryption
SQL Server Audit
Enable Transparent Data Encryption