SQL Server includes multiple features that focus on data security, privacy, and developer productivity. In this session, we will review the best features from a database designer’s and developer’s point of view.
– Always Encrypted
– Dynamic Data Masking
– Row Level Security
– Data Classification
– Assessments
– Defender for SQL Server
– Ledger Tables
…and more
We’ll look at new and older features, why you should consider them, where they work, where they don’t, who needs to be involved in using them, and what changes, if any, need to be made to applications or tools that you use with SQL Server.
You will learn:
– The pros and cons of implementing each feature
– How implementing these new features may impact existing applications
– 10 tips for enhancing SQL Server security and privacy protections
Designer's Favorite New Features in SQLServerKaren Lopez
A database designer's favourte features in SQL Server...with a bit of Azure SQL DB, too.
Always Encrypted
Row Level Security
Microsoft Purview
Azure Enabled SQL Server
Azure Defender for SQL
Azure Defender for Cloud
Dynamic Data Masking
Ledger Database and Tables
Data Privacy
Data Governance
Karen's Favourite Features of SQL Server 2016Karen Lopez
Slides from a one hour webinar on Karen Lopez's favorite features from database designer's point of view. Topics include Always Encrypted, Data Masking, Row Level Security, Foreign Keys, JSON and more.
Notice an error? Let me know. I welcome this sort of feedback.
Microsoft released SQL Azure more than two years ago - that's enough time for testing (I hope!). So, are you ready to move your data to the Cloud? If you’re considering a business (i.e. a production environment) in the Cloud, you need to think about methods for backing up your data, a backup plan for your data and, eventually, restoring with Red Gate Cloud Services (and not only). In this session, you’ll see the differences, functionality, restrictions, and opportunities in SQL Azure and On-Premise SQL Server 2008/2008 R2/2012. We’ll consider topics such as how to be prepared for backup and restore, and which parts of a cloud environment are most important: keys, triggers, indexes, prices, security, service level agreements, etc.
Microsoft released SQL Azure more than two years ago - that's enough time for testing (I hope!). So, are you ready to move your data to the Cloud? If you’re considering a business (i.e. a production environment) in the Cloud, you need to think about methods for backing up your data, a backup plan for your data and, eventually, restoring with Red Gate Cloud Services. In this session, you’ll see the differences, functionality, restrictions, and opportunities in SQL Azure and On-Premise SQL Server 2008/2008 R2/2012. We’ll consider topics such as how to be prepared for backup and restore, and which parts of a cloud environment are most important: keys, triggers, indexes, prices, security, service level agreements, etc.
Microsoft Azure zmienia się. Jego częśc poświęcona bazie danych (Windows Azure SQL Database) zmienia się jeszcze szybciej. Podczas tej sesji chciałbym pokazac tym, którzy nie widzieli, oraz przypomniec tym, którzy już coś wiedzą - o co chodzi z WASD, jakie zmiany nastapiły i czego możemy po tej bazie oczekiwać. Dla odważnych będzie okazja podłączenia się do konta w chmurze i przetestowania ych rozwiązań samemu.
Designer's Favorite New Features in SQLServerKaren Lopez
A database designer's favourte features in SQL Server...with a bit of Azure SQL DB, too.
Always Encrypted
Row Level Security
Microsoft Purview
Azure Enabled SQL Server
Azure Defender for SQL
Azure Defender for Cloud
Dynamic Data Masking
Ledger Database and Tables
Data Privacy
Data Governance
Karen's Favourite Features of SQL Server 2016Karen Lopez
Slides from a one hour webinar on Karen Lopez's favorite features from database designer's point of view. Topics include Always Encrypted, Data Masking, Row Level Security, Foreign Keys, JSON and more.
Notice an error? Let me know. I welcome this sort of feedback.
Microsoft released SQL Azure more than two years ago - that's enough time for testing (I hope!). So, are you ready to move your data to the Cloud? If you’re considering a business (i.e. a production environment) in the Cloud, you need to think about methods for backing up your data, a backup plan for your data and, eventually, restoring with Red Gate Cloud Services (and not only). In this session, you’ll see the differences, functionality, restrictions, and opportunities in SQL Azure and On-Premise SQL Server 2008/2008 R2/2012. We’ll consider topics such as how to be prepared for backup and restore, and which parts of a cloud environment are most important: keys, triggers, indexes, prices, security, service level agreements, etc.
Microsoft released SQL Azure more than two years ago - that's enough time for testing (I hope!). So, are you ready to move your data to the Cloud? If you’re considering a business (i.e. a production environment) in the Cloud, you need to think about methods for backing up your data, a backup plan for your data and, eventually, restoring with Red Gate Cloud Services. In this session, you’ll see the differences, functionality, restrictions, and opportunities in SQL Azure and On-Premise SQL Server 2008/2008 R2/2012. We’ll consider topics such as how to be prepared for backup and restore, and which parts of a cloud environment are most important: keys, triggers, indexes, prices, security, service level agreements, etc.
Microsoft Azure zmienia się. Jego częśc poświęcona bazie danych (Windows Azure SQL Database) zmienia się jeszcze szybciej. Podczas tej sesji chciałbym pokazac tym, którzy nie widzieli, oraz przypomniec tym, którzy już coś wiedzą - o co chodzi z WASD, jakie zmiany nastapiły i czego możemy po tej bazie oczekiwać. Dla odważnych będzie okazja podłączenia się do konta w chmurze i przetestowania ych rozwiązań samemu.
Migrating on premises workload to azure sql databasePARIKSHIT SAVJANI
Azure SQL Database is a fully managed cloud database service with built-in intelligence, elastic scale, performance, reliability, and data protection that enables enterprises and ISVs to reduce their total cost of ownership and operational cost and overheads. In this session, I will share real-world experience of successfully migrated existing SaaS application and on-premises workload for some our tier 1 customers and ISV partners to Azure SQL Database service. The session walks through planning, assessment, migration tools and best practices from the proven experiences and practices of migrating real world applications to Azure SQL Database service.
Does SAS® implicit SQL pass-through sometimes fail to meet your needs? Do you sometimes need to communicate directly with your Oracle® or DB2® database in that database\'s native language? Explicit SQL pass-through might be your solution.
The author briefly introduces syntax for explicit SQL pass-through queries before showing examples of specific situations when explicit pass-through queries solve problems when extracting data. The author discusses the relationship between processing location and processing speed. She also gives specific examples of how differences between Oracle, DB2, and SAS sometimes make it necessary to do the initial extraction or transformation of data via pass-through. The examples used to illustrate the differences between the RDBMS and SAS include numeric precision and naming conventions. A brief discussion of differences in SQL dialects and functions between systems is also included.
In this presentation we introduce the basic concepts around SQL Server Azure: the database in the cloud.
Regards,
Ing. Eduardo Castro, PhD
http://ecastrom.blogspot.com
http://comunidadwindows.org
En esta presentación examinamos los roles y responsabilidades en la administración de SQL Azure.
Saludos,
Eduardo Castro Martinez – Microsoft SQL Server MVP
http://mswindowscr.org
http://comunidadwindows.org
Costa Rica
Technorati Tags: SQL Server
LiveJournal Tags: SQL Server
del.icio.us Tags: SQL Server
http://ecastrom.blogspot.com
http://ecastrom.wordpress.com
http://ecastrom.spaces.live.com
http://universosql.blogspot.com
http://todosobresql.blogspot.com
http://todosobresqlserver.wordpress.com
http://mswindowscr.org/blogs/sql/default.aspx
http://citicr.org/blogs/noticias/default.aspx
Slide deck for the DGIQ SIG on AI Ethics.
Are you concerned about data and AI ethics? Do you worry about how to make sure the algorithms and systems that affect our lives are fair, honest, responsible, and respectful of our rights and values? Do you have opinions about how to build an organizational culture that cares about these topics
Join us for what will surely be a lively and interesting session where you are the speakers.
Special interest group (SIG) discussions are group conversations on topics that are new, or specific to an audience segment. The format is casual and without any formal presentation. The objective is to engage all participants in an exchange of ideas, questions, and advice, so please come with a willingness to participate in the conversation.
Migrating on premises workload to azure sql databasePARIKSHIT SAVJANI
Azure SQL Database is a fully managed cloud database service with built-in intelligence, elastic scale, performance, reliability, and data protection that enables enterprises and ISVs to reduce their total cost of ownership and operational cost and overheads. In this session, I will share real-world experience of successfully migrated existing SaaS application and on-premises workload for some our tier 1 customers and ISV partners to Azure SQL Database service. The session walks through planning, assessment, migration tools and best practices from the proven experiences and practices of migrating real world applications to Azure SQL Database service.
Does SAS® implicit SQL pass-through sometimes fail to meet your needs? Do you sometimes need to communicate directly with your Oracle® or DB2® database in that database\'s native language? Explicit SQL pass-through might be your solution.
The author briefly introduces syntax for explicit SQL pass-through queries before showing examples of specific situations when explicit pass-through queries solve problems when extracting data. The author discusses the relationship between processing location and processing speed. She also gives specific examples of how differences between Oracle, DB2, and SAS sometimes make it necessary to do the initial extraction or transformation of data via pass-through. The examples used to illustrate the differences between the RDBMS and SAS include numeric precision and naming conventions. A brief discussion of differences in SQL dialects and functions between systems is also included.
In this presentation we introduce the basic concepts around SQL Server Azure: the database in the cloud.
Regards,
Ing. Eduardo Castro, PhD
http://ecastrom.blogspot.com
http://comunidadwindows.org
En esta presentación examinamos los roles y responsabilidades en la administración de SQL Azure.
Saludos,
Eduardo Castro Martinez – Microsoft SQL Server MVP
http://mswindowscr.org
http://comunidadwindows.org
Costa Rica
Technorati Tags: SQL Server
LiveJournal Tags: SQL Server
del.icio.us Tags: SQL Server
http://ecastrom.blogspot.com
http://ecastrom.wordpress.com
http://ecastrom.spaces.live.com
http://universosql.blogspot.com
http://todosobresql.blogspot.com
http://todosobresqlserver.wordpress.com
http://mswindowscr.org/blogs/sql/default.aspx
http://citicr.org/blogs/noticias/default.aspx
Slide deck for the DGIQ SIG on AI Ethics.
Are you concerned about data and AI ethics? Do you worry about how to make sure the algorithms and systems that affect our lives are fair, honest, responsible, and respectful of our rights and values? Do you have opinions about how to build an organizational culture that cares about these topics
Join us for what will surely be a lively and interesting session where you are the speakers.
Special interest group (SIG) discussions are group conversations on topics that are new, or specific to an audience segment. The format is casual and without any formal presentation. The objective is to engage all participants in an exchange of ideas, questions, and advice, so please come with a willingness to participate in the conversation.
Karen's Presentation to DAMA Chicago and other DAMA Chapters on 15 February 2023.
This presentation is less about data lakes that it is about Data Quality and how data professionals should think about designing and architecting systems that best meet the needs of how data works in the real world.
Expert Cloud Data Backup and Recovery Best Practice.pptxKaren Lopez
We’ve been deploying backup solutions since the beginning of computing and the foundations of backup and recovery have stayed the same: make sure backups run consistently and set recovery objectives. Yet systems in 2022 don’t work or act the same way they did decades ago. Cloud data backups have helped us meet the need for offsite backups, as well as impacted how we budget for them. Ransomware has impacted how we store them. The laws of physics might be more of an issue than when we had tapes stored in a safe down the hall. Cost models have changed, too.
In this session, Karen Lopez covers best practices for modern data recovery…and she will share stories of worst practices just to keep it real.
Manage Your Time So It Doesn't Manage YouKaren Lopez
NASA Space Apps NYC Pre-Hackathon Symposium presentation by Karen Lopez, InfoAdvisors and NASA Datanaut. Karen presents on how to successfully manage your time and deliverables in the NASA Space Apps Challenge no matter where you are participating.
This one-hour presentation covers the tools and techniques for migrating SQL Server databases and data to Azure SQL DB or SQL Server on VM. Includes SSMA, DMA, DMS, and more.
Blockchain for the DBA and Data ProfessionalKaren Lopez
An overview of blockchain fundamentals, including examples of Oracle 20c Blockchain Tables. Includes concepts of trust, immutability, hashes, distributed nodes, and cryptography.
Blockchain for the DBA and Data ProfessionalKaren Lopez
With all the hype around blockchain, why should a DBA or other data professional care? In this session, we will cover the basics of blockchain as it applies to data and database processes:
Immutability
Verification
Distribution
Cryptography
Transactions
Trust
We will look at current offerings for blockchain features in Azure and in database and data stores. Finally, we'll help you identify the types of business requirements that need blockchain technologies.
You will learn:
Understand the valid uses of blockchain approaches in databases
How current technologies support blockchain approaches
Understand the costs, benefits, and risks of blockchain
Data Security and Protection in DevOps Karen Lopez
Presentation to London #WinOps event Sept 2019. Focusing on data security, privacy, and protection on DevOps efforts. Includes data masking, dev and test, data, Alwasy Encrypted, and more.
Data Modeling for Security, Privacy and Data ProtectionKaren Lopez
Karen Lopez (@datchick/InfoAdvisors) 90-minute presentation on Data Security, Data Privacy, Compliance and how data modelers should discover, assess, and monitor these important data management responsibilities.
Designing for Data Security by Karen LopezKaren Lopez
As security and complaince becomes more important for organizations, especially in the age of GDPR, data breach and other legislation, Karen covers the types of features data architects and designers should be considering when building modern, protected and defensive systems.
There are many data modeling and database design terms and jargon that uses the word "key." Do you know the difference between a surrogate key and a primary key? A super key and a candidate key? Could you explain them to a technical audience? A business user or an auditor?
In this presentation, Karen Lopez covers the concepts of primary keys, foreign keys, candidate key, surrogate keys, and more.
How to Survive as a Data Architect in a Polyglot Database WorldKaren Lopez
Karen Lopez talks to data architects and data moders how they can best deliver value on modern data drive projects beyond relational database technologies. She covers NoSQL Databases and Datastores, which data stories they best fit and which ones they don't. She ends with 10 tips for adding more value to ployschematic database solutions.
In the spirit of the book 7 Databases in 7 Weeks, Lara Rubbelke and Karen Lopez cover ~seven databases and datastores in the SQL and NoSQL world, when to use them, and how they are SQL-like.
From SQLBitsXV
Notice an error? Let me know. I welcome this sort of feedback.
Karen Lopez 10 Physical Data Modeling BlundersKaren Lopez
Karen Lopez's presentation about 10 Physical Data Modeling/Database Design blunders, based on her work in helping organizations get the most value out of their models and data.
Notice an error? Let me know. I welcome this sort of feedback.
NoSQL and Data Modeling for Data ModelersKaren Lopez
Karen Lopez's presentation for data modelers and data architects. Why data modeling is still relevant for big data and NoSQL projects.
Plus 10 tips for data modelers for working on NoSQL projects.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring.
Learn about:
• The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks.
• Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective.
• Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification.
• Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process.
Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
"Impact of front-end architecture on development cost", Viktor TurskyiFwdays
I have heard many times that architecture is not important for the front-end. Also, many times I have seen how developers implement features on the front-end just following the standard rules for a framework and think that this is enough to successfully launch the project, and then the project fails. How to prevent this and what approach to choose? I have launched dozens of complex projects and during the talk we will analyze which approaches have worked for me and which have not.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
Search and Society: Reimagining Information Access for Radical FuturesBhaskar Mitra
The field of Information retrieval (IR) is currently undergoing a transformative shift, at least partly due to the emerging applications of generative AI to information access. In this talk, we will deliberate on the sociotechnical implications of generative AI for information access. We will argue that there is both a critical necessity and an exciting opportunity for the IR community to re-center our research agendas on societal needs while dismantling the artificial separation between the work on fairness, accountability, transparency, and ethics in IR and the rest of IR research. Instead of adopting a reactionary strategy of trying to mitigate potential social harms from emerging technologies, the community should aim to proactively set the research agenda for the kinds of systems we should build inspired by diverse explicitly stated sociotechnical imaginaries. The sociotechnical imaginaries that underpin the design and development of information access technologies needs to be explicitly articulated, and we need to develop theories of change in context of these diverse perspectives. Our guiding future imaginaries must be informed by other academic fields, such as democratic theory and critical theory, and should be co-developed with social science scholars, legal scholars, civil rights and social justice activists, and artists, among others.
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
A Designer's Favourite Security and Privacy Features in SQL Server and Azure SQL DB
1. A DATABASE DESIGNER’S
FAVOURITE SECURITY AND
PRIVACY FEATURES IN SQL
SERVER
WITH SOME AZURE STUFF, TOO
KAREN LOPEZ
@DATACHICK
2. KAREN LOPEZ
Karen has 20+ years of
data and information
architecture
experience on large,
multi-project
programs.
She is a frequent
speaker on data
modeling, data-driven
methodologies and
pattern data models.
She wants you to love
your data.
6. 10 TOP WEB SECURITY RISKS
https://owasp.org/www-project-top-ten/
7. Azure Data Catalog - https://azure.microsoft.com/en-
ca/products/data-catalog
Azure Purview - https://azure.microsoft.com/en-
in/products/purview/
WHAT’S HAPPENING WITH DATA GOVERNANCE
CATALOGS AND COCKTAILS?
8. Require Data Governance Programs
Require
Require Chief Data Officer like roles
Require
Require Data Inventories
Require
Require Data Lineage from data source to data use
Require
PRIVACY AND DATA PROTECTION LEGISLATION
NOT JUST ABOUT BACKUPS OR ENCRYPTIN
9. GOVERNANCE
Security at the data level
Models capture security & privacy requirements
Management reports of reviews
Measurement
In other words, Governance
10. DATA MODELS
• Karen’s Preference
• Track all kinds of metadata
• Live
• Advanced Compare features
• Support DevOps and Iterative
development
• Support Conceptual, Logical and
Physical design
22. WHY WOULD A DB
DESIGNER LOVE IT?
Always Encrypted,
yeah.
Allows designers to not
only specify which
columns need to be
protected, but how.
Parameters are
encrypted as well
Built in to the engine,
easier for Devs
26. SECURITY – DYNAMIC DATA MASKING
CREATE TABLE Membership(
MemberID int IDENTITY PRIMARY KEY,
FirstName varchar(100) MASKED WITH (FUNCTION =
'partial(1,"XXXXXXX",0)') NULL,
LastName varchar(100) NOT NULL,
Phone# varchar(12) MASKED WITH (FUNCTION = 'default()') NULL,
Email varchar(100) MASKED WITH (FUNCTION = 'email()') NULL);
27. DYNAMIC
DATA
MASKING
Done at column level
(NOT ENCRYPTION!)
Data in the database, at
rest, has no protection.
Meant to complement
other methods
Performed at the end of
a database query right
before data returned
Performance impact
small
29. DDM FUNCTIONS
Function Mask Example
Default Based on Datatype
String – XXX
Numbers – 000000
Date & Times - 01.01.2000 00:00:00.0000000
Binary – Single Byte 0
XXXX
0
01.01.2000 00:00:00.0000000
0
Email First character of email, then Xs, then .com
Always .com
Kxxx@xxxx.com
Custom First and last values, with Xs in the middle kxxxn
Random For numeric types, with a range 12
29
30. DYNAMIC DATA MASKING
Data in database is not
changed
01
Ad-hoc queries *can*
expose data
02
Does not aim to
prevent users from
exposing pieces of
sensitive data
03
30
31. DYNAMIC DATA
MASKING
Cannot mask an encrypted column (AE)
Cannot be configured on computed column
But if computed column depends on a mask,
then mask is returned
Using SELECT INTO or INSERT INTO results in
masked data being inserted into target (also
for import/export) 31
33. WHY
WOULD A
DB
DESIGNER
LOVE IT?
Allows central, reusable
design for standard masking
Offers more reliable masking
and more usable masking
Removes whining about “we
can do that later”
35. ROW LEVEL SECURITY
Filtering result sets (predicate based access)
Predicates applied when reading data
Can be used to block write access
User defined policies tied to inline table functions
36. ROW LEVEL SECURITY
36
No indication that results have been filtered
If all rows are filtered than NULL set returned
For block predicates, an error returned
Works even if you are dbo or db_owner role
37. WHY WOULD A DB
DESIGNER LOVE IT?
Allows a designer to do
this sort of data
protection IN THE
DATABASE, not just rely
on code.
Many, many pieces of
code.
43. AZURE SQL DB LEDGER TABLE – APPEND ONLY
CREATE SCHEMA [AccessControl]
CREATE TABLE [AccessControl].[KeyCardEvents]
(
[EmployeeID] INT NOT NULL,
[AccessOperationDescription] NVARCHAR (MAX) NOT NULL,
[Timestamp] Datetime2 NOT NULL
)
WITH (LEDGER = ON (APPEND_ONLY = ON) );
44. LEDGER TABLES IN
AZURE SQL DB AND
SQL SERVER
https://learn.microsoft.com/sql/relational-databases/security/ledger/ledger-overview
45. AZURE SQL DB LEDGER TABLE – UPDATABLE
CREATE TABLE [Account].[Balance]
(
[CustomerID] INT NOT NULL PRIMARY KEY CLUSTERED,
[LastName] VARCHAR (50) NOT NULL,
[FirstName] VARCHAR (50) NOT NULL,
[Balance] DECIMAL (10,2) NOT NULL
)
WITH
(SYSTEM_VERSIONING = ON, LEDGER = ON);
46. KEY FEATURES
AZURE LEDGER
TABLES
Ledger Databases
Database Digests
Ledger Tables
Updatable
Append only
Immutable storage for transaction recording
Ledger Verification
53. WHY WOULD ONE USE A LEDGER TABLE?
More trustworthy
More protection from DBA/SysAdmin tampering
Don’t need or want full blockchain functionality
54. ARC ENABLED SQL SERVER
Single point of control for
SQL Servers (On-prem, in
Azure, or in other clouds)
• Dashboards
• Best Practices
Assessments
• AAD authentication
• Microsoft Defender
• Microsoft Purview
• PAYG for SQL Server
https://learn.microsoft.com/en-us/sql/sql-server/azure-arc/overview
57. SUPPORTED VERSIONS
Windows Server 2012 and later versions
Ubuntu 20.04 (x64)
Red Hat Enterprise Linux (RHEL) 8 (x64)
SUSE Linux Enterprise Server (SLES) 15
(x64)
SQL Server running in containers.
SQL Server Failover Cluster Instances (FCI).
SQL Server roles other than the Database
Engine, such as SSAS, SSRS, or SSIS)
SQL Server editions: Business Intelligence.
SQL Server 2008 (10.0.x), SQL Server 2008 R2
(10.50.x), and older versions.
SQL Server in Azure Virtual Machines.
SQL Server Azure VMware Solution
VMs in other Clouds
71. AZURE MONITOR
• Most resources include
Monitor-collected data in
the Overview page of
Azure Portal
• Portal option to see
Monitor for all services
• Can monitor Azure and
on-premises resources
73. Microsoft Defender for Cloud—Databases Protection
Protect SQL workloads through security posture management and allow timely responses to threats
• SQL security misconfigurations
• SQL injection attacks
• Brute-force attacks
• Unusual data exfiltration
• Suspicious access or queries
Cloud native
security
1-click enablement of protect
different type of SQL workloads
(IaaS or PaaS)
Security
posture management
Discover, track, and remediate SQL
workloads security misconfigurations
Advanced
threat protection
Detect and response unusual
and harmful attempts to breach
SQL workloads
Centralized
and integrated
Centralize security across all data assets
managed by Azure and built-in integration
with Sentinel and Purview
1 2 3
https://github.com/microsoft/sqlworkshops-sql2022workshop/blob/main/sql2022workshop/slides/The%20SQL%20Server%202022%20Workshop.pptx