Databases Reference
In-Depth Information
According to Microsoft, parts of its cloud computing infrastructure are compliant with multiple regulations
including PCI, Health Insurance Portability and Accountability Act (HIPAA), and Sarbanes-Oxley. It also has achieved
numerous certifications, including
•
ISO/IEC 27001:2005
•
SAS 70 Type I and II
Microsoft recently announced a Trust Services framework as a technology preview. Although this service is in its
early stage it offers a standard mechanism for securing the exchange of sensitive data across organizations. For more
■
Note
For more information about Microsoft's compliance initiatives, visit
www.globalfoundationservices.com
.
Summary
Security in the cloud is a complex topic and involves careful analysis of your requirements and design options. This
chapter covered the basics of the CIA triad and classified security options in terms of confidentiality, integrity, and
availability.
You also reviewed how to plan for strong encryption and hashing in your Visual Studio applications. Finally, keep
in mind that schema separation can be very useful and should be implemented early in your development cycles.
By now, you should understand the many options available to you in order to secure you data in SQL Database
and be aware of some of the limitations of the SQL Database platform. Keep in mind, however, that some of those
limitations are likely to be either removed or mitigated at some point in the future as Microsoft provides additional
updates to its SQL Database platform.
