The mission of the Security Virtual Chapter is to provide guidance and education, and to foster open discussion on security topics as they pertain to SQL Server and its environment.

Welcome to the PASS Security Virtual Chapter

Security is hard, and is hardly convenient - yet in today's world, it becomes absolutely necessary. Security touches upon infrastructure, code, and even things in the "physical" world. It is much more than Administration and Development.

The Security Virtual Chapter will cover the following topics and much more:
- SQL Server surface area and Attack vectors (SQL injection, etc)
- Encryption
- Security standards and best practices
- Forensics
- Audits and regulatory compliance
- Authentication and authorization

Always Encrypted in SQL Server 2016 and Azure SQL Database
Presenter: Jakub Szymaszek
Date: Thurs, May 28, 2015 10:00 AM - 11:00 AM PDT

This talk provides an overview of Always Encrypted - the new encryption technology in SQL Server and Azure SQL Database. Quite different from Transparent Data Encryption, Always Encrypted, is the encryption of data not only at rest, but also in use and in transit. With Always Encrypted, encryption and decryption of data happens transparently inside the application, using keys stored in a trusted location outside of SQL Server, so even DBAs cannot look at plain text data. The talk will include a demo showing how to develop applications using Always Encrypted and explaining how the technology works.

Speaker bio:
Jakub Szymaszek is a Program Manager in SQL Team in the Data Systems Group (DS) at Microsoft. He has been working on a variety of features and components including security monitoring, database migration, encryption technologies, and authentication for Azure SQL Database and SQL Server. Before joining Microsoft in 2010, Jakub was a consultant and technology instructor at Salesforce and Boland Software, and prior to that, he was a researcher at the Institute of Computer Science at the AGH University of Science and Technology in Krakow, Poland.

For updates on future meetings and events, follow us on Twitter at @PASS_SecurityVC.