Data stores
The following best practices should be employed for SQL databases:
- Ensure Transparent Data Encryption (TDE) is enabled
- Use a centralized identity management system for authentication and authorization
- Restrict access by IP, and only give access to those that need it
However, you should avoid the following:
- Don't open all IPs through your firewall
Using Azure AD gives you access to the following features:
- Single source for password rotation
- Manage permissions with groups
- Multi-factor Authentication (MFA)