Auditing in Azure Sql Data Warehouse First article in a series on “Security Intelligence in Azure PaaS” inspired me to write about auditing in Azure Sql Data Warehouse. Auditing to put it simply for person new to GRC (which stands for Governance, Risk Management, Compliance) is just like logging, but in expensive suite and a tie. Business tends to understand its purpose, requirements and is aware of attached price tag. Azure Sql Data Warehouse is relatively new MPP (after Massively Parallel Processing architecture) database offering based on Parallel Data Warehouse with generation 2 (optimised compute) generally available.
With June fast approaching I’m in the middle of “Security Intelligence in Azure PaaS” tour with 4 Sql Saturdays and 2 user groups still to go. So far it’s been very positive experience and I was able to capture a fair bit of feedback. Along the way I got interesting questions from both attendees and fellow presenters. Today I’m going to answer one of the most common which is “How to securely access Sql Database/Sql Datawarehouse/Cosmos DB from Azure when ‘Allow access to Azure services’ option is disabled?
Taking opportunity just before #MSBuild2018 kicks off here is my wishlist for security improvements that I’d like to see in Azure: Azure Sql Managed Instance GA announcement Azure Sql Auditing native support in Log Analytics VNET service endpoints support for hybrid scenarios VNET service endpoints support for multi-region servers Azure Sql DB/DW native VNET support Azure Sql Datawarehouse Always Encrypted Soft-Delete support in portal for Key Vault Always Encrypted Secure Enclaves Azure Confidential Computing Practical use cases for blockchain in context of InfoSec and of course - Quantum Commuting which always goes up to 11.