Last post Jul 14, 2017 06:46 AM by Cathy Zou
Jul 13, 2017 04:36 PM|priyalwalpita|LINK
In a normal bare metal hosting (IIS) we can use Integrated Security(eg : With AD) and hence, the config entry do not contain the connection string's plain text password. Or we can encrypt the connection string and can use a secure key store to secure the
In a cloud hosting environment( eg: Azure, AWS), how we can secure this connection string ? Normally we do have only a control panel to upload required files and ability to perform other minimal configurations. And most of the time, we do need to access
a DB in a different location with credentials. How can we secure our connection string in the config file without using plain text credentials. If we encrypt the connection string, how can we secure the key?
Jul 14, 2017 06:46 AM|Cathy Zou|LINK
Hi Priyal Walpita,
If you want to secure your connection strings and sensitive data, you could do that by using Azure
KeyVault. Then you can protect your connection strings or other sensitive values and retrieve them from the vault in a secure way within your application.
Other helpful links: