Azure Security News Catch Up for August 2015

It’s hard to stay in touch with all that’s being going on in Azure security, so we decided to make things a little easier for you by providing a monthly “catch up” post. This will make it easier for you to get a quick view of what happened in Azure security for the previous month.

We’re a little late with this one, as it’s the first one we’ve done. In subsequent months, we’ll post the monthly Azure Security News Catch Up on the first Monday of each month.

Here’s a list of things I found that should help you get in touch with last month’s Azure security happenings. If you have something in Azure security that you want to include in the monthly Catch Up, send me an email and I’ll make sure it’s included.

Now, let’s Catch Up with what happened in Azure security in August.

• Row-Level Security for SQL Database is Generally Available – OK, this isn’t strictly Azure security, since it’s about a SQL Server 2016 feature, but you can run SQL Server 2016 in Azure IaaS, and it’s a cool security feature.
• Azure Government Achieves Significant Compliance Milestones – Azure Government achieves certificates in FedRAMP Moderate Provisional Authority to Operate (P-ATO), , DISA Level 2 Provisional Authorization (PA), HIPAA Business Associate Agreement (BAA) and support for federal tax workloads under IRS Publication 1075.
• Securing Your Pre-production Environment in the Cloud – Devs an work in a pre-production environment where it’s super easy to move non-Internet facing pre-production slots to Internet facing production slots with single “click” (or command)
• A Practical Guide to Designing Secure Health Solutions Using Microsoft Azure – this white paper provides you with what you need to know to design and create secure application in Azure.
• SQL Server Connector for Azure Key Vault Public Preview Refresh Now Available – the SQL Server connector for Azure Key Vault allows you to manage your keys separately from the SQL Server itself.
• New Public Preview of Converged Microsoft Account and Azure Active Directory Programming Model – now you can work across Microsoft Account and Azure Active Directory using the new converged programming model.
• How I learned to stop worrying and love the cloud: Azure Forensics for the Security Responder - forensics in the cloud? Yes. Troy Larson shows you how.
• Microsoft Azure Storage Client-Side Encryption Goes into General Availability – encrypt data contained within Azure Blobs, Tables and Queues. Implement encryption in common use-case scenarios, and best of all, it’s interoperable across a number of programming languages.
• Pen Testing Your Applications in Microsoft Azure – yes, you can pen test your application in Azure, this article shows you what you need to do first.

That’s all for August – looking forward to sharing with you some *really big things* after AzureCon. Make sure you register so you can find out in real time!

Thanks!
Tom
Tom Shinder
Project Manager, Azure Security Engineering
@tshinder | Facebook | LinkedIn | Email | Web | Bing me! | GOOG me!