February, 2012

Microsoft is working on a new Windows Azure service through SQL Azure Labs, called Trust Services. It is an application-level encryption framework that can be used to protect sensitive data stored on the Windows Azure Platform. By using Trust Services you can store keys, authorizations and encryption policies in the cloud, and use them to encrypt and decrypt sensitive data.

Trust Services provides a API that simplifies the development process and enables easy integration with data driven applications.

Check it out at Microsoft Codename "Trust Services". We are looking forward for your feedback.

Last week, we released SQL Azure Security Services through SQL Azure Labs. In this initial version of our labs, you can

• Scan your SQL Azure server or individual databases for security issues - We look for design issues, elevation issues and etc.
• Get a report of your database security model - You can quickly know which users exist in a database, role memberships, permissions on various objects and etc, to reason over presence of user accounts or permissions on various objects.
• Scan your data for malware presence (Currently we only check for Mass SQL Injection Attacks) - We have been observing Automated Mass SQL Injection attacks for over 4 years now, we scan for presence of malicious javascript in your data.

Please try the service here and let us know your feedback.

- Bala Neerumalla.