Overview of Security in Windows Azure SQL Database

Windows Azure SQL Database has two types of access control: SQL Authentication and a server-side firewall that restricts access by IP address. Along with access control SQL Database always maintains a secure connection to your database via SQL Server’s protocol encryption. Transparent Data Encryption (TDE) is not supported by this release of SQL Database, you can implement custom encryptions on the application level.

SQL Database Firewall
SQL Authentication
Connection Encryption
Data Encryption
See Also

SQL Database only supports the tabular data stream (TDS) protocol, which is accessible via port 1433 and via the TCP connections. For more information on SQL Database data access, see Windows Azure SQL Database Firewall.

Note
If you wish to contribute to this page, use the Edit tab at the top (sign-in required). If you wish to provide feedback for this documentation please either send e-mail to azuredocs@microsoft.com or use the Comment field at the bottom of this page (sign-in required).

SQL Database Firewall

SQL Database firewall lets you allow or prevent connections from various sources to specific IP addresses or ranges. The SQL Database firewall can be managed via Database Manager or directly in the master database with the provided stored procedures. For more information, see Windows Azure SQL Database Firewall.

SQL Authentication

As with any implementation of SQL Server, user account management must be tightly controlled. SQL Database only supports SQL Server authentication. User accounts with strong passwords and configured with specific rights should be used as well to complement your data security model. For more information, see Windows Azure SQL Database SQL Authentication.

Connection Encryption

SQL Database only supports encrypted connections. All communication between SQL Database and client applications/tools require SSL. For more information, see Windows Azure SQL Database Connection Encryption.

In addition, take a look at the Windows Azure SQL Database Connection Security article to learn more about how to secure connection strings and the best security practices when working with SQL Database.

Data Encryption

Because SQL Database supports TDS, this means you can for the most part connect and interact with the database just like you have always done. Taking advantage of ADO.NET encryption and trusted server certificates is definitely worth considering, especially when accessing your SQL Database from outside the cloud.