Security Outside the Database
Posted Wednesday, April 25, 2012 11:41 PM


SSC-Dedicated


Group: Administrators
Last Login: Today @ 10:11 AM
Points: 31,168, Visits: 15,611
Comments posted to this topic are about the item Security Outside the Database






Follow me on Twitter: @way0utwest

Forum Etiquette: How to post data/code on a forum to get the best help
Post #1290427
Posted Thursday, April 26, 2012 7:01 AM
Say Hey Kid


Group: General Forum Members
Last Login: Today @ 2:48 PM
Points: 685, Visits: 1,721
The problem lies with management. Without their insistence and proper allocation of resources, security and education will not be a priority. Security costs $$$. Lack of security costs more. But try explaining that to the CFO or clients that only look at the immediate bottom line.
Post #1290659
Posted Thursday, April 26, 2012 7:14 AM


Right there with Babe


Group: General Forum Members
Last Login: Saturday, October 11, 2014 10:14 PM
Points: 722, Visits: 1,027
I think what is so wonderful about databases and data as a profession is that we oftentimes are the JOIN (if you will) between the high-level software (applications, code, etc.) and the low-level hardware (storage, etc.). Knowing nothing about either is just a time-bomb waiting to happen.

I find it interesting that you explicitly stated networking as something we should know relatively well. I definitely tend to agree with that. Do you feel that structured network learning (i.e. CCNA) is a benefit to a database administrator?




Twitter: @SQLife
Email: sqlsalt(at)outlook(dot)com
Post #1290673
Posted Thursday, April 26, 2012 7:40 AM
SSC-Enthusiastic


Group: General Forum Members
Last Login: Thursday, August 28, 2014 1:35 PM
Points: 113, Visits: 423
Unfortunately, given the small size of a lot of companies, these suggestions are just impractical. What we need is software and hardware that takes care of this for us. SQL Server, Windows, firewalls, etc. should have intelligent default configurations that are secure by default.

IT workers at small businesses often wear multiple hats and as such can't humanly be expected to master the intricacies of every specific discipline, such as firewall administration, when they only deal with this area once a month at most.
Post #1290714
Posted Thursday, April 26, 2012 7:47 AM
SSC Rookie


Group: General Forum Members
Last Login: Thursday, October 16, 2014 9:04 AM
Points: 29, Visits: 218
I think half the issue is that we've got lazy developers who circumvent security in the name of rapid development. I can't tell you how many developers I've worked with who run code as a user with sysadmin rights, and when we, as DBAs, try to deny this, they go around and over our heads and get some high manager to bypass the best practices. I've even seen this from purchased applications.
Post #1290727
Posted Thursday, April 26, 2012 8:01 AM


SSC-Dedicated


Group: Administrators
Last Login: Today @ 10:11 AM
Points: 31,168, Visits: 15,611
Thomas Stringer (4/26/2012)
I think what is so wonderful about databases and data as a profession is that we oftentimes are the JOIN (if you will) between the high-level software (applications, code, etc.) and the low-level hardware (storage, etc.). Knowing nothing about either is just a time-bomb waiting to happen.

I find it interesting that you explicitly stated networking as something we should know relatively well. I definitely tend to agree with that. Do you feel that structured network learning (i.e. CCNA) is a benefit to a database administrator?


I think it's good for many people to be IT generalists, outside of their specialty. Over the years knowing networking, AD, mail, etc. has helped me solve DB issues, or even helped me get applications to integrate well.

However I wasn't implying in the piece that DBAs should learn about IP networking. If you have people doing those jobs, inspire/motivate/ping them to learn more about their craft and better secure your systems.







Follow me on Twitter: @way0utwest

Forum Etiquette: How to post data/code on a forum to get the best help
Post #1290752
Posted Thursday, April 26, 2012 8:05 AM


Ten Centuries


Group: General Forum Members
Last Login: Tuesday, September 16, 2014 2:03 PM
Points: 1,334, Visits: 3,069
chrisn-585491 (4/26/2012)
The problem lies with management. Without their insistence and proper allocation of resources, security and education will not be a priority. Security costs $$$. Lack of security costs more. But try explaining that to the CFO or clients that only look at the immediate bottom line.



Now there is a man that knows the "real" world and how it works.


"Technology is a weird thing. It brings you great gifts with one hand, and it stabs you in the back with the other. ..."
Post #1290759
Posted Thursday, April 26, 2012 8:19 AM


Ten Centuries


Group: General Forum Members
Last Login: Tuesday, September 16, 2014 2:03 PM
Points: 1,334, Visits: 3,069
However I wasn't implying in the piece that DBAs should learn about IP networking. If you have people doing those jobs, inspire/motivate/ping them to learn more about their craft and better secure your systems.


I agree, because in the end it makes you more marketable in the workplace. However, in today's workplace SARBOX standards tend to demarcate job descriptions a lot more, and when you deal with companies that come under SARBOX standards you have to be very aware of this, or otherwise you could find yourself in some trouble with auditors learning/doing someone else's job description.


"Technology is a weird thing. It brings you great gifts with one hand, and it stabs you in the back with the other. ..."
Post #1290775
Posted Thursday, April 26, 2012 8:20 AM
SSC Rookie


Group: General Forum Members
Last Login: Thursday, October 16, 2014 9:04 AM
Points: 29, Visits: 218
I agree that we should all learn about technologies that relate to our core technologies even though they are technically "not our job". Knowing VMware, AD, and development (C#, C++, VB.NET) helps me a lot as a DBA.
Post #1290777
Posted Thursday, April 26, 2012 9:47 AM


SSC-Dedicated


Group: Administrators
Last Login: Today @ 10:11 AM
Points: 31,168, Visits: 15,611
TravisDBA (4/26/2012)

I agree, because in the end it makes you more marketable in the workplace. However, in today's workplace SARBOX standards tend to demarcate job descriptions a lot more, and when you deal with companies that come under SARBOX standards you have to be very aware of this, or otherwise you could find yourself in some trouble with auditors learning/doing someone else's job description.


Not true. You cannot do someone else's job. That's where you get into trouble. Understanding their job, providing advice, is fine. What you can't do is actually do the work or have access.







Follow me on Twitter: @way0utwest

Forum Etiquette: How to post data/code on a forum to get the best help
Post #1290881