Tag Archives: security

The Danger of xp_cmdshell

Securing a computer is a challenge. There are all sorts of potential issues in every platform, and ensuring safety for your data can be less a reflection of your ability and more the good fortune there isn’t a focused effort … Continue reading

Posted in Editorial | Tagged , | 4 Comments

Encryption Keys Matter

Perhaps the importance of protecting encryption keys is even greater than we realize. It appears that the NSA and the US Government have been able to read encrypted traffic for some time on the Internet, perhaps for most of the last … Continue reading

Posted in Editorial | Tagged , | 4 Comments

Separate Accounts

This editorial was originally published on Aug 10, 2012. It is being re-run as Steve is on vacation. Many years ago I worked in a small company that only had about 5 or 6 servers. We had one system administrator … Continue reading

Posted in Editorial | Tagged | Leave a comment

Security Leaks from Websites

One of the main issues with connecting databases to the Internet is that if a hacker finds a way to get access to the database with credentials, perhaps using a well known account (*cough* sa *cough*) and a weak password, … Continue reading

Posted in Editorial | Tagged | 1 Comment

Keyboard Hardlines

A few years ago, I had a keyboard die. At the time, I needed something quickly and ended up with a Logitech wireless model that included a mouse. I’m not sure of which model, but I’ve ended up getting two … Continue reading

Posted in Editorial | Tagged | 2 Comments

Passwords Under Pressure

What should we do about passwords? They’re a thorn in the side of administrators trying to keep systems secure, but they’re also an issue for users. Not for most of our users, but certainly for some. In hospitals, or other … Continue reading

Posted in Editorial | Tagged | Leave a comment

Deploying Row Level Security with SQL Compare

Row Level Security (RLS) is a great new feature in SQL Server 2016. It’s been in Azure SQL Databases for some time, but we now have it on premise. It’s easy to setup and use, and worth taking a look … Continue reading

Posted in Blog | Tagged , , , , | Leave a comment

Security is Getting Serious

OK, if we can’t trust computer chips, what do we do? It almost feels like the security war to protect information, or at least keep it private, might be lost before our very eyes in the next decade. There’s a … Continue reading

Posted in Editorial | Tagged | Leave a comment

DevOps and Security

DevOps is a buzzword these days, and like many of the hyped concepts written about, it has a lot of meanings. There is this idea releasing software more often, using automation, having various groups talk to each other, and more, … Continue reading

Posted in Editorial | Tagged ,

The Penalty for a Data Breach

Many of us that work with data are somewhat insulated from the effects of a data breach. Each of us is responsible for writing software, managing the database platform, perhaps even in charge of configuring security. However, in the event … Continue reading

Posted in Editorial | Tagged | 2 Comments