Expanding horizons—Microsoft Security’s continued commitment to multicloud
Learn how to manage multicloud security risk with Microsoft's native multicloud protection for three of the industry’s main cloud platforms.
This post is authored by Gilad Mittelman, Senior Program Manager, SQL Data Security.
Data privacy and data security have become one of the most prominent topics in organizations in almost every industry across the globe. New regulations that formalize requirements are emerging around these topics and compel organizations to comply.
The upcoming EU Global Data Protection Regulation (GDPR), which takes effect on May 25, 2018, is one of the most noteworthy of these new regulations. It sets a new global bar for privacy rights, security, and compliance, mandating many requirements and obligations on organizations across the globe. Complying with this regulation will necessitate significant investments in data handling and data protection for a very large number of organizations.
SQL Information Protection (SQL IP), now in public preview, complements the existing Microsoft Information Protection (MIP) unstructured data classification framework (Azure Information Protection, Microsoft 365) and extends it with new structured data classification capabilities.
Microsoft SQL customers who are subject to the GDPR, whether managing cloud-based or on-premises databases or both, will need to ensure that qualifying data in their database systems is aptly handled, protected and monitored according to GDPR principles. This means that many customers will need to review or modify their database management and data handling procedures, especially focusing on the security of data processing as stipulated in the GDPR – the first step in this journey to compliance is discovering and tagging where such sensitive data resides within the database environment.
SQL IP introduces advanced capabilities built into Azure SQL Database and SQL Server for discovering, classifying, labeling and protecting the sensitive data in your SQL databases.
Discovering and classifying your most sensitive data (business, financial, healthcare, PII, etc.) can play a pivotal role in your organizational information protection stature. It can serve as infrastructure for:
SQL IP introduces a set of advanced services and new SQL capabilities, forming a new information protection paradigm in SQL aimed at monitoring and protecting the data, not just the database:
Figure 1: Data discovery and classification dashboard
The following video demonstrates the main SQL Information Protection public preview capabilities for Azure SQL DB and SQL Server:
Additional SQL IP capabilities will continue rolling out throughout the upcoming year, with a focus on scale and automation.
We’ll be introducing centralized management via Azure Security Center, enabling organizations to customize the organizational information protection policy with proprietary labels and discovery (recommendations) logic enrichment. We’ll also be introducing centralized dashboards for visibility into the sensitivity state of all resources across the entire database estate.
In addition, various automation capabilities will be exposed, for supporting fully automated classification and labeling of large numbers of databases at scale.
We encourage customers to contact us with any questions or feedback at [email protected].
More details on using SQL Information Protection can be found in: