News

Microsoft Rolls Out Test Security Service for SQL Azure

Microsoft this month described a test service designed to help SQL Azure users monitor the security of their databases housed in Microsoft's cloud.

Code-named "SQL Azure Security Services," it's offered as a free trial app through the SQL Azure Labs portal here. Users need to have a SQL Azure account to test it, but Microsoft offers a no-cost trial of Windows Azure (including SQL Azure) for 90 days. It's not clear when the service became available publicly.

SQL Azure Security Services runs as a Web application and lets users check for vulnerabilities in their databases. The service can test one database or all in an account. A Microsoft blog post describes the service as "an early prototype for solving the problem of securing your data in the cloud: no matter where it is, whatever the capacity and scale."

SQL Azure Labs releases are not fully tested by Microsoft and are more at the "cutting edge" level, according to Microsoft's description.

Microsoft plans to expand this service if it gets enough feedback on its use, according to a TechNet wiki post by Ramkumar Krishnan, who says he works at Microsoft. Krishnan outlined steps on how to use the service.

The scan will detect malware, security vulnerabilities and other potential issues in SQL Azure databases right now, but other capabilities may be added later.

"Depending on your enthusiasm for such a service and your valuable feedback, more advanced features like sensitive data discovery, data masking, configuration drift, SQL injection detection, and other functionality layered on core SQL Azure platform will be added to the service," Krishnan stated. "So your feedback is absolutely important!"

The service uses a two-tab directory, with one side listing any "security issues," while the other side catalogs potential "attack surface" problems. When a database has been attacked, the type of attack is identified, such as "SQL injection." The service may also question potential design problems, such as overly restricted access rights.

The service may offer a "recommended mitigation" from Microsoft if a problem is detected. The mitigation appears in text form as advice.

About the Author

Kurt Mackie is senior news producer for the 1105 Enterprise Computing Group.

Featured

  • Microsoft Nabs IoT Platform Provider Express Logic

    As part of its plan to invest $5 billion in IoT technologies, Microsoft this week acquired Express Logic, which provides real-time operating systems for industrial embedded and IoT devices.

  • Dealing with Broken Dependencies in SCVMM

    Brien shows you how to resolve some broken, template-related dependencies in Microsoft's System Center Virtual Machine Manager.

  • AzCopy Preview Adds AWS S3 Data Transfer Improvements

    Microsoft announced this week that it has improved the preview version of its AzCopy tool to better handle Amazon Web Services (AWS) S3 data.

  • Microsoft Adding Google G Suite Migration in Exchange Admin Center

    Microsoft's Exchange Admin Center will be getting the ability to move Google G Suite calendar, contacts and e-mail data over to the Office 365 service "in the coming weeks."

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.