Join Pete Zerger for an in-depth discussion in this video Secure structured data at rest, part of Microsoft Cybersecurity Stack: Securing Enterprise Information.
- [Instructor] Transparent Data Encryption helps protect…Azure SQL Database and Data Warehouse against…the threat of malicious activity…by performing real-time encryption…and decryption of the database, associated backups,…and transaction log files at rest,…all without requiring changes to the application.…In order to protect structured data at rest,…Microsoft first introduced SQL Transparent Data Encryption…or TDE, in SQL Server 2008.…TDE protects data by performing I/O encryption…for SQL databases and logfiles.…
Transparent Data Encryption encrypts the storage…of an entire database by using a symmetric key…(called the database encryption key or DEK for short),…which is stored in the database,…as you can see in the diagram.…This DEK is protected by the TDE Protector.…Which is either a service managed certifice,…in the service-managed TDE scenario,…or an asymmetric key, stored in Azure Key Vault,…in the bring your own key scenario.…
The TDE Protector is set at the server level.…So just a bit about how TDE works.…
In this course—the third installment in the series—Microsoft MVP Pete Zerger demonstrates how to leverage the Microsoft cybersecurity stack to more effectively protect corporate information—on any device and in any cloud. Pete explains how to use Azure Information Protection (AIP) to protect information, as well as how to secure data on mobile devices. Plus, he covers identifying and controlling shadow IT, securing structured data in Azure, and more.
- Securing information on any device
- What is Azure Information Protection (AIP)?
- Configuring classification and labeling
- Classifying and protecting data in bulk
- Challenges of securing data on mobile devices
- Data loss prevention (DLP) on mobile devices
- Identifying and controlling shadow IT
- Securing collaboration and DLP
- Configuring dynamic data masking
- Protecting Azure SQL with SQL Threat Detection