In this video,  Rohit Nayak and Ann Hoffman will cover the Deny Public Network Access setting for SQL Database.

Customers can use this setting to block all public access via firewall rules and exclusively rely on private endpoint connections.

Chapters:
  • [01:03] How to shut down public connectivity to my databases
  • [01:44] Deny public network access demo
  • [04:06] Private endpoint connections demo
Resources:

There are changes coming to the Azure IoT TLS certificates that may require updates to your IoT device firmware.

In this episode of the IoT show, learn the basics of TLS, the current Public Key Infrastructure (PKI) for Azure IoT generally, and IoT Hub and DPS specifically before detailing upcoming immediate changes to this PKI, and the future of PKI for Azure IoT.

Learn more at https://aka.ms/iotshow/iot-ca-updates

The following is a guest post by Emily Walsh.


Besides using a VPN to unblock online content, you also likely use it to enjoy better online privacy. After all, it encrypts your data, so you should be safe when you’re surfing the web, right?

That’s true, but here’s a question – how do you actually know the VPN properly protects your privacy?

We don’t want to worry you, but not all VPNs are fully secure. Which is why we’ll show you how you can easily tell if a VPN is trustworthy. If you’re in a hurry, feel free to skip to ProPrivacy’s list of the most secure VPNs available.

How Can a VPN Compromise Your Data?

And since skilled hackers nowadays could remotely take over your computer by just knowing your IP address, you can’t really afford to use a VPN that neglects your security.

5 Signs a VPN Takes Security Seriously

Based on our experience and research, this is how you can tell a VPN will keep you safe online:

1. They Don’t Keep Logs

You’re using a VPN to stop your ISP, surveillance agencies, hackers, and advertisers from knowing what you do online.

So why should the VPN be able to monitor your browsing? That kind of defeats the purpose of using one, really.

And we’re not just talking about usage logs (the ones that show what you with the VPN). We’re also talking about connection logs. True, many VPNs use them for troubleshooting, but they can still put your privacy at risk.

Why?

Because, sometimes, connection logs can contain your IP address.

The only way you know for sure a VPN isn’t spying on you is if it doesn’t keep any logs.

“How do you know they don’t keep logs, though?” we can hear you thinking.

Pretty simple – you check if the VPN has been audited by independent third parties. Or if there are any court documents from an investigation proving the service doesn’t keep any logs. Or if the provider had servers seized by the authorities and they weren’t able to find anything on them.

That’s how you can tell the service is trustworthy.

2. They Offer Secure Protocols & Powerful Encryption

If the provider forces you to only use PPTP, SSTP, and L2TP/IPSec, that’s a red flag. The NSA can crack PPTP encryption, and many people believe L2TP/IPSec can be compromised too.

And while SSTP is generally considered secure, keep in mind it’s closed-source and Microsoft owns it – the very same company that was previously accused of giving the NSA access to encrypted messages. Also, don’t forget Microsoft was the first company to join the NSA’s PRISM surveillance program.

If you can use OpenVPN on top of those protocols, though, that’s good news. OpenVPN continues to be considered the most secure VPN protocol. SoftEther and IKEv2 are also pretty decent. WireGuard too – just make sure the provider configured it properly.

As for encryption, AES is usually the standard. As long as the provider uses AES-128 or AES-256, you should be safe. 

3. They Run Encrypted DNS Servers

A VPN shouldn’t just encrypt your data, but your DNS requests too. If you’re not sure what they are, they’re the queries your browsers sends to DNS servers when you want to access a website. Their role is to find out what the website’s IP address is, so that the connection can be successful.

Well, if a VPN doesn’t have their own DNS servers that encrypt those queries, there’s a risk you might be exposed to man-in-the-middle (MITM) DNS attacks and DNS filtering. Also, you might continue using your ISP’s DNS server, so they’ll be able to see your web browsing even though you’re using a VPN.

4. They’re Leak-Proof

If a VPN is leaking, that means your IP address or other data aren’t going through the encrypted VPN tunnel. So websites can see your real IP address, and your ISP knows what sites you visit.

Unfortunately, there’s no alert that tells you when the VPN is leaking. You’ll have to test the connection instead. Luckily, doing that isn’t hard:

  1. Use this tool without the VPN and take a screenshot of the results.
  2. Connect to a VPN server.
  3. Use the tool again.
  4. Compare the results with the ones from the screenshot. If you see your original IP or DNS address, you’re dealing with a leak.

Oh, and bonus points if the provider offers built-in leak protection against DNS, WebRTC, and IPv6 leaks. It’s nice for peace of mind.

5. They Have a Kill Switch

This is a feature that shuts down your Internet access when your VPN connection goes down. It’s not abnormal for that to happen, but when it does happen, your data will be exposed.

A Kill Switch makes sure your privacy isn’t at risk when the VPN has connectivity issues. Overall, it’s a nice fail-safe.

Have a Hard Time Finding a VPN That Meets Those Requirements?

It’s not surprising. There are hundreds of VPNs on the market, so finding the right one is a ton of work.

Don’t worry, though – we’ve got your back. Our friends over at ProPrivacy have an excellent guide to the most secure VPNs available. It has all the information you need to make a smart decision.

What Else Do You Look for in a Secure VPN?

What other requirements do you think a VPN needs to meet to be eligible for the “secure” title?

Tell us all about them in the comments or on social media. Also, if you had any experiences with VPNs that put your data at risk, please let us know.

One of the major benefits of Azure SQL Database is that the Azure platform provides additional protection for your database against SQL Injection attacks and Data Exfiltration, amongst other threats.

Join Joey D’Antoni as he shows you how to configure Advanced Threat Protection, and some of the protections it offers.

Video index:

  • [01:37] What is Advanced Threat Protection?
  • [02:46] Microsoft Azure Configuration
  • [03:36] Advanced Threat Protection types
  • [04:48] Enable auditing
  • [05:19] Tracking alerts

Azure Security Center enables you to strengthen your security posture.

Yuri Diogenes joins Scott Hanselman to show how Security Center helps you identify and perform the hardening tasks recommended as security best practices and implement them across your machines, data services, and apps.

Content Index:

  • [0:00:00]- Intro
  • [0:00:24]- Episode start
  • [0:04:41]- Demo: Security Center dashboard
  • [0:05:20]- Demo: Security recommendations
  • [0:06:20]- Demo: Quick fix remediation
  • [0:07:20]- Demo: View remediation logic
  • [0:08:00]- Demo: Regulatory compliance
  • [0:09:06]- Demo: Standard tier overview (threat protection)
  • [0:11:48]- Demo: Security alerts
  • [0:13:19]- Demo: Security alert suppression rules
  • [0:15:54]- Episode wrap-up

Related links:

caitlinV3 explains how she passed the Security+ exam in under two weeks.

Everyone’s study prep and technical background will be different, so I realize some can study for 1 day and pass the test and others will need a few months. This is what worked for me in studying for the SYO-501 Security+ Certification from Comptia.

Power Down in Azure Sphere enables power-constrained scenarios for IoT devices to provide more flexibility and options for power management when building and deploying Azure Sphere devices.

Tyler Fox, PM in the Azure Sphere OS team, demos Power Down and talks through low-power IoT device scenarios and how Azure Sphere maintains device security and connectivity even in ultra-low power scenarios.