SQL Server and Azure SQL provide many different functionalities and services which help you to protect your most valuable assets: your data. But features alone do not protect if not carefully thought through and working in siloed manners. Without a properly planned security strategy, it is too easy to miss gaps between security controls and finding oneself exposed when a serious attack occurs.
In today’s environment of “hacking as a service”, state-funded and orchestrated hacking groups, being properly prepared for all scenarios can become vital to a company’s survival.
In this session, Andreas Wolter, a former program manager for SQL security at Microsoft with over 2 decades of experience working with customers, will reflect on the current threat landscape and explain the most common breach-patterns as well as how to stop them from occurring.
Under an assume breach mindset we will look at various attack vectors, discuss what ransomware and data exfiltration attacks have in common and how that helps us to prevent or limit the blast radius.
We will look at how to strategically approach a security concept, which starts at the overall system’s architecture and does not end with encryption alone.
This session is aimed at security managers and architects who want to learn how to secure their SQL environments and data not just using the latest technologies and features but also how to approach it strategically.