Enabling communication traces in C# application for Azure AD authentication with SQL DB using token-based mechanism with Multi-factor authentication (MFA)

SQL server security team presents a code sample ( as VS project) allowing to enable communication traces for ADAL managed library used to support Universal Authentication with MFA for SQL DB ( see also Azure AD authentication extensions for Azure SQL DB and SQL DW tools). The ADAL traces help to troubleshoot communication issues related… Read more

Token-based authentication including Multi-factor auth (MFA) for Azure SQL DB using Azure Active Directory (AD)

SQL server security team presents an application solution for token-based authentication with multi-factor (MFA) support for SQL DB using Azure AD auth. The zip file attached below with the codes sample and a Readme doc present more details on this topic. For additional information see also Azure AD authentication extensions for Azure SQL DB and SQL DW tools. For further… Read more

Now Available: Guide for enhancing privacy and addressing GDPR requirements with the Microsoft SQL platform

Data privacy and data security have become one of the most prominent topics in organizations in almost every industry across the globe. New regulations are emerging that formalize requirements around these topics, and compel organizations to comply. The upcoming EU Global Data Protection Regulation (GDPR) is one of the most noteworthy of these new regulations…. Read more

Threat Detection in Azure SQL Database is now Generally Available

We are excited to announce that Threat Detection is now Generally Available in Azure SQL Database. Threat Detection detects anomalous activities indicating unusual and potentially harmful attempts to access or exploit databases. Threat Detection leverages machine learning to provide an additional layer of security built into the SQL Database service, enabling SQL Database customers to… Read more

Newly created Azure SQL databases will be encrypted at rest by default

Earlier today, we announced that all new Azure SQL databases will be encrypted with Transparent Data Encryption (TDE) by default, to make it easier for everyone to benefit from encryption at rest. The change in default will happen gradually by region. Visit the Azure Service Updates blog to learn more about this recent update…. Read more

Certificate-based authentication for Azure SQL DB using Azure Active Directory with recent Azure RM PowerShell version

This is a new version of the previous blog on Token-based authentication (see https://blogs.msdn.microsoft.com/sqlsecurity/2016/02/09/token-based-authentication-support-for-azure-sql-db-using-azure-ad-auth/ ) updated to accommodate recent Azure RM PowerShell version. The certificate-based authentication allows to use a local certificate that can be registered with Azure AD to serve as an authentication mechanism to connect to Azure SQL DB without using user/password or… Read more

Blob Auditing in Azure SQL Database is Generally Available

We are excited to announce that SQL Blob Auditing is now Generally Available in Azure SQL Database. Blob Auditing tracks database events and writes audited events to an audit log in your Azure Storage account. Auditing can help maintain regulatory compliance, understand database activity, and gain insight into discrepancies and anomalies that could indicate business concerns or suspected security… Read more

Getting Started with Always Encrypted using PowerShell

In the previous articles from the Always Encrypted blog series, we demonstrated how to configure Always Encrypted using SQL Server Management Studio. In this article, we will show you how to configure Always Encrypted from the command line, using PowerShell. Prerequisites To try the examples in this article, you need: A database, named Clinic, hosted… Read more