Ever used SQL-server in Azure? If you did, you probably added your IP address to the firewall whitelist to be able to access it from your dev machine. You checked the ‘allow azure services checkbox’ which allows a web app, for example, to access your database. I believe in the layered security model, where we add different layers on top of each other to strengthen our security. By enabling that ‘allow...’ checkbox we just peeled off one important layer of security. All a hacker needs to get your data is a service on Azure and a leaked password.
In this session, I will show you how to add additional security layers using virtual networks, Azure Private Endpoints, Service endpoints, VPN connections, and more. I will tell you how to get started and what limitations you can expect for all of these services. You see me build a demo in which we lock down a database and API and let a front-end application securely access that.