Hopefully my question isn't too unique to be asked here, but I didn't find anything similar after some searching.
As a relatively inexperienced developer (only one large project excluding this one under my belt), how can I best secure data at rest in MSSQL and in memory?
The server on which this application would run is itself HIPAA compliant to my knowledge (not my responsibility) but I imagine that a client machine would be highly vulnerable from within, and a severe HIPAA violation could cost my family's business dearly. I am in no hurry to finish this project at the cost of quality, as I am trying to help the business succeed, not get criminal charges pressed against them...
If it is too wide-scoped or vague of a question to answer here, I would be happy to get some security reading recommendations aimed at programmers. There is so much conflicting information and disagreement on best practices that a simple Google search for a security layman is overwhelming. (If it helps, I'm working in C++ and MSSQL mostly, and limited to Windows environments, and avoiding non-"commercial-free" licensed tools like the plague.)