Protect Your Database

Use a layered (defense in depth) approach to data protection.

Network Security	Identity and Access	Data Protection	Security Management
- VNet - Firewall rules, NSG. - Private link.	- Authentication options: Azure AD, SQL Auth, Windows Auth. - Azure RBAC. - Roles and permissions. - Row level security.	- Encryption-in-use (Always encrypted) - Encryption-at-rest (TDE). - Encryption-in-flight (TLS). - Customer-managed keys. - Dynamic data masking.	- Advanced threat protection. - SQL audit. - Audit integration with log analytics and event hubs. - Vulnerability assessment. - Data discovery and classification. - Microsoft Defender for Cloud.