December 26, 2012 2:00 PM
Posted by: Denny Cherry
Data Security,
Database,
Database security,
Security,
SQL Server,
SQL Server 2000,
SQL Server 2005,
SQL Server 2008,
SQL Server 2008 R2,
SQL Server 2012Cross database chaining in SQL Server is actually a fairly old feature, first introduced in SQL Server 2000 SP3. However this feature isn't often understood mostly because it isn't often used.
Database chaining is when permissions cascade from one object to another because they are used by the...
December 6, 2012 12:42 PM
Posted by: Denny Cherry
Data Encryption,
Database security,
Encryption,
Security,
SQL PASS,
SQL Saturday,
SQL Saturday 194,
SQL ServerI'm so happy to be able to announce that I'll be giving a precon at SQL Saturday 194 over in England on Friday March 8th, 2013. This precon will be will be on SQL Server...
October 10, 2012 9:00 AM
Posted by: Denny Cherry
Data Encryption,
Data Loss,
Data Security,
Data Types,
Database,
Database Administration,
Database Design,
Database security,
Encryption,
Identity theft,
Security,
SQL,
SQL Server,
SQL Server stored procedures,
Stored Procedures,
T/SQL,
TablesI wrote a little while ago about the fact that sensitive data needs to be encrypted within the database for all applications. This is the first technique that is available to you to encrypt data...
August 9, 2012 2:00 PM
Posted by: Denny Cherry
AlwaysOn,
Availability Groups,
Azure,
Data Loss,
Data Security,
Database Administration,
Database security,
Microsoft Windows,
Security,
SQL,
SQL Server,
SQL Server 2000,
SQL Server 2005,
SQL Server 2008,
SQL Server 2008 R2,
SQL Server 2012,
StorageIn case you missed the blog post over on securingsqlserver.com, I wanted to repost it here...
I'm afraid that I've got some bad news. You can no longer pre-order
August 2, 2012 4:00 PM
Posted by: Denny Cherry
Data Encryption,
Data Loss,
Data Security,
Database Administration,
Database Design,
Database security,
Encryption,
Exploit,
Hashing,
Security,
SQL,
SQL ServerThe title of this post pretty much says it all. If you store sensitive data in a database you have to work under the assumption that someone is going to try and break into the system and steal that data. Thinking otherwise simply isn’t responsible as the developer and/or administrator of the...
July 30, 2012 4:00 PM
Posted by: Denny Cherry
Data Loss,
Data Security,
Database Administration,
Database security,
Exploit,
Security,
SQL,
SQL ServerSQL Injection is probably the most popular attack vector for hackers when they attempt to break into databases. The reason for this is that it is so easy for an attacker to gain access to the system, and typically to get pretty high level permissions to a database engine so that they can then...
July 26, 2012 2:00 PM
Posted by: Denny Cherry
Data Encryption,
Data Loss,
Data Security,
Database,
Database Administration,
Database Design,
Database security,
Encryption,
Security,
SQL Injection,
SQL PASS,
SQL PASS 2012,
SQL Server,
SQL Server 2000,
SQL Server 2005,
SQL Server 2008,
SQL Server 2008 R2,
SQL Server 2012The SQL PASS session list for the SQL PASS 2012 Summit has been released. This year there are 192 sessions being presented at the SQL PASS summit. Last year at the 2011 summit there were only a couple of sessions...
July 16, 2012 2:00 PM
Posted by: Denny Cherry
Database security,
Security,
SQL ServerHey vendors, consultants, clients, etc. STOP USING SQL LOGINS. Now if the SQL Server you are using isn't attached to a Windows domain then fine, odds are you'll need a SQL Authentication login. However if the machine is a member of the Windows domain then login to SQL Server using Windows...
July 5, 2012 2:00 PM
Posted by: Denny Cherry
Active Directory,
Database security,
Permissions,
SQL ServerSo in an earlier blog post I talked about how I had to grant some users the ability to create indexes in a reporting server. A couple of people have asked me how I created the domain...
0 Comments
RSS Feed
Email a friend
