22-25 April 2026 
Protecting Data Outside the Database When the Perimeter Is Gone but the DBA Is Not
Regular 50 minute session for SQLBits 2026TL; DR
The database is no longer the security boundary. Data now flows into analytics platforms, AI systems, data lakes, and SaaS applications—often with little visibility or control. In this session, DBAs and Microsoft data professionals will learn how to protect data beyond the database using lineage, governance, and policy-driven security.
You will explore how to track data movement, apply classification and sensitivity labels, and enforce access controls across distributed data environments without slowing innovation. Walk away with practical strategies and tools for protecting your data ecosystem when the database is no longer where the risk lives.
Session Details
We DBAs have focused on securing the relational database, yet today, the database is no longer the boundary. Data streams into data lakes, analytics platforms, AI pipelines, spreadsheets, SaaS tools, and developer sandboxes. Often this is done without the visibility, governance, or controls DBAs once relied on. When data leaves SQL Server, Azure SQL, other relational databases, traditional security models break and risk accelerates.
This session focuses on what DBAs and Microsoft data professionals can do when the relational engine is no longer the center of data gravity. We will explore how to track data lineage across platforms, apply policy outside the database, and enforce protection even as data is copied, transformed, and shared. Topics include classification, sensitivity labeling, access governance, auditing, and encryption in transit and at rest across Azure-native services and downstream consumers.
Attendees will learn how to build visibility into data movement using lineage tooling, quantify exposure risk, and implement guardrails around data democratization without becoming a blocker to innovation. We will examine real-world approaches for protecting data in pipelines, analytics systems, and AI workflows where the database becomes just one of many sources and often the least visible.
By the end of the session, DBAs will leave with a framework for extending governance beyond the engine, practical tooling guidance, and a mindset shift from “protecting a database” to “protecting a data ecosystem.”
This session focuses on what DBAs and Microsoft data professionals can do when the relational engine is no longer the center of data gravity. We will explore how to track data lineage across platforms, apply policy outside the database, and enforce protection even as data is copied, transformed, and shared. Topics include classification, sensitivity labeling, access governance, auditing, and encryption in transit and at rest across Azure-native services and downstream consumers.
Attendees will learn how to build visibility into data movement using lineage tooling, quantify exposure risk, and implement guardrails around data democratization without becoming a blocker to innovation. We will examine real-world approaches for protecting data in pipelines, analytics systems, and AI workflows where the database becomes just one of many sources and often the least visible.
By the end of the session, DBAs will leave with a framework for extending governance beyond the engine, practical tooling guidance, and a mindset shift from “protecting a database” to “protecting a data ecosystem.”
3 things you'll get out of this session
By the end of this session, attendees will be able to:
• Explain why the database is no longer the primary security boundary
• Identify common data escape points across modern data platforms
• Track data lineage across systems to understand data flow and exposure
• Apply classification and sensitivity labels beyond the database engine
• Enforce access governance in pipelines, analytics platforms, and cloud services
• Detect risky data movement and unauthorized access patterns
• Implement encryption strategies for data in transit and at rest across systems
• Balance data democratization with security and compliance requirements
• Explain why the database is no longer the primary security boundary
• Identify common data escape points across modern data platforms
• Track data lineage across systems to understand data flow and exposure
• Apply classification and sensitivity labels beyond the database engine
• Enforce access governance in pipelines, analytics platforms, and cloud services
• Detect risky data movement and unauthorized access patterns
• Implement encryption strategies for data in transit and at rest across systems
• Balance data democratization with security and compliance requirements
Speakers
Kellyn Gorman's other proposed sessions for 2026
Aren’t we all tired of AI? - 2026
DBA Horror Stories and Practical Advice for Surviving Your Worst Day - 2026
Navigating SQL Server to PostgreSQL Migrations and How DBAs Keep Their Sanity - 2026
Optimizing CI/CD for Hybrid and Cloud Environments with DevOps and AI - 2026