This chapter shifts the focus to the crucial area of security and compliance within SQL Server databases. Recognizing that sensitive data requires robust protection, this chapter explores a range of security measures that businesses can employ. We begin by examining the core layers of SQL Server authentication, starting with the foundational concepts of logins and database users, and then diving into the specifics of Windows and SQL Server authentication. The chapter moves on to cover different ways to manage user access, including server-level roles. We will examine Transparent Data Encryption (TDE), which allows data protection at rest. Then we will explore data protection during transmission using Always Encrypted. Finally, we will discuss Row-Level Security (RLS), a feature that allows for granular access controls. This chapter emphasizes that building a strong security posture requires a multi-faceted approach involving both administrative controls and features built into SQL Server.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Security and Compliance

  • Venkata Reddy Pasam,
  • Petchikumar Andiappan

摘要

This chapter shifts the focus to the crucial area of security and compliance within SQL Server databases. Recognizing that sensitive data requires robust protection, this chapter explores a range of security measures that businesses can employ. We begin by examining the core layers of SQL Server authentication, starting with the foundational concepts of logins and database users, and then diving into the specifics of Windows and SQL Server authentication. The chapter moves on to cover different ways to manage user access, including server-level roles. We will examine Transparent Data Encryption (TDE), which allows data protection at rest. Then we will explore data protection during transmission using Always Encrypted. Finally, we will discuss Row-Level Security (RLS), a feature that allows for granular access controls. This chapter emphasizes that building a strong security posture requires a multi-faceted approach involving both administrative controls and features built into SQL Server.