Blog Post

Azure SQL Blog
2 MIN READ

Summary of the 2022 Security Investments in Azure SQL and SQL Server 2022

AndreasWolter's avatar
AndreasWolter
Icon for Microsoft rankMicrosoft
Dec 20, 2022

The mission of the Security & Governance team in the Azure Databases organization is to ensure that

(1) the data our customers entrust in our services is safe and managed in a manner that is compliant with all regulations and privacy laws,

(2) that all SQL products are integrated with Microsoft Purview and Microsoft Defender, and

(3) that we offer a portfolio of industry leading security features that help customers meet the most stringent security requirements.

2022 was another successful year for our team and we are excited about the features and capabilities we shipped in our products. This blog post highlights some of the important deliverables our teams have made in security and data governance that are generally available (GA) in Azure SQL Database (DB), Azure SQL Managed Instance (MI) or in SQL Server 2022.

 

Authentication

·        Azure Active Directory (Azure AD) authentication for SQL Server 2022

·        Managed identity in Azure AD for Azure SQL DB & Azure SQL MI

·        Ability to turn off SQL Authentication in favor of Azure AD only for Azure SQL DB & Azure SQL MI

·        Windows Authentication for Azure AD principals in Azure SQL MI

SQL Roles & Permissions

·        New built-in server-level roles for SQL Server 2022

·        New granular permissions for Azure SQL DB, Azure SQL MI and SQL Server 2022

 

Data-at-rest encryption using Transparent Data Encryption (TDE) in SQL

·        Automated Key Rotation for TDE BYOK for Azure SQL DB & Azure SQL MI

·        User-Assigned Managed Identity for TDE CMK for Azure SQL DB and Azure SQL MI

Ledger

·        Ledger for Azure SQL DB and SQL Server 2022

 

Private Link

·        Azure Private Link for Azure SQL DB and Azure Synapse Analytics

Firewall Rules & Network Security Groups

·        Outbound firewall rules for Azure SQL DB and Azure Synapse Analytics

 

Data Classification

·        Availability of Microsoft Information Protection labels when using native data classification in Azure SQL DB & Azure SQL MI

·        Availability of Microsoft Information Protection labels when using SSMS with native data classification SSMS in SQL Server (any supported version)

Integration with Microsoft Purview

·        Microsoft Purview access policies for SQL Server 2022

 

Auditing

·        User Managed Identity (UMI) support for Auditing for Azure SQL DB

·        Named replicas in Azure SQL Hyperscale can now be audited with SQL Auditing (Azure SQL DB)

More detailed information on the security portfolio supported by SQL Server 2022 can be found here: What's new in SQL Server 2022 - SQL Server – Security | Microsoft Learn

In addition to the features listed above, our team has also released a number of security features that are specifically available only in SQL Server on Azure Compute VMs: What's new? - SQL Server on Azure VMs | Microsoft Learn.

Updated Dec 21, 2022
Version 4.0
No CommentsBe the first to comment