2020 @SQLSatLA presents: Secure SQL Server Database Design by Dan Mallott | @PureStorage Room

Secure SQL Server Database Design: Tactics and Technology by Dan Mallott (@DanielMallott)
When we design and build an application, do we think about security first or is it an afterthought? As we read about more and more data breaches, it is clear that we need to think security-first when designing and building our applications.

Where does design start for an application? It starts with the database layer. In this talk, we will discuss strategies for designing a more secure SQL Server database. We will start with simple design decisions for tables, views, stored procedures, and database roles that can improve security before moving on to talk about built-in SQL Server security technologies such as Always Encrypted, Row-Level Security, Dynamic Data Masking, Transparent Data Encryption, and SQL Server Audit. Lastly, we will finish up with some tips on how to retrofit security features onto existing databases and look at how data access from the application may need to change.
Prerequisites: Basic knowledge of database design. Knowledge of Tables, Views, Stored Procedures. Familiarity with Database and Server Roles.