Almost every week, we hear about another major data breach in the news. As a result, each of us has to become more security conscious about how we design and build systems. Nowhere is this more important than when we talk about protecting our application’s data. As developers, we need to take an active role in building our applications with a security first mindset, and this includes the database.
In this talk, we’ll understand how data compromises can occur and some of the features built into SQL Server you can use to defend against them. This includes how to properly setup users and roles in your database to follow the principle of least privilege. I will then show how to encrypt connections between your application and SQL Server. We’ll discuss how to encrypt data stored in your database and wrap up by talking about how to mask sensitive data. We’ll do all of this from a developer’s point of view so you can understand in pragmatic terms how to interact with SQL Server more securely.
Today, security is everyone’s responsibility. When finished with this session, you will have a list of practical steps you can implement to make your applications data in SQL Server more secure and you will be better positioned to work with you security engineers and DBA’s to build secure applications.