Guarding a resource against known threats may seem manageable, but the unknown attack patterns instill fear. Cloud computing, essentially entrusting data to "someone else's computer," necessitates a vigilant partnership between you and your cloud provider to ensure resource security, especially concerning customer data.
In this session, I'll explain a comprehensive layered defense strategy, starting from the outermost layer and working inward. This strategy will empower you to safeguard sensitive data and uphold your database system's confidentiality, availability, and integrity, even if one or more outer layers are breached.

The layers of defense encompass:
• Network Security
• Access Management
• Threat Protection
• Information Protection

For each layer, I will demonstrate some of the tools and resources you can implement to ensure the safety of your customer data, such as IP and Virtual network firewall rules, Microsoft Entra, and Microsoft Defender for Cloud.
We will also discuss mechanisms for detecting unusual behavior and potentially harmful attempts to access or exploit databases. This includes identifying suspicious activities such as SQL injection, potential data infiltration, brute force attacks, or anomalies in access patterns and setting up alerts to catch privilege escalations and breached credentials.

Prerequisite:
You need beginner-level skills in Azure SQL Database, database authentication, authorization, and access control.

Goals:
1. Compare database security responsibility in traditional and Cloud-Enabled methods.
2. Tools for each of the four levels of security.
3. How to set up and use these tools and prevent data loss, revenue reduction, and harm to business and brand reputation.