Click here to monitor SSC
SQLServerCentral is supported by Red Gate Software Ltd.
 
Log in  ::  Register  ::  Not logged in
 
 
 
        
Home       Members    Calendar    Who's On


Add to briefcase

Securing SQL Backups Expand / Collapse
Author
Message
Posted Tuesday, March 8, 2005 10:40 PM


Keeper of the Duck

Keeper of the Duck

Group: Moderators
Last Login: Friday, September 26, 2014 7:52 AM
Points: 6,624, Visits: 1,873
Comments posted to this topic are about the content posted at http://www.sqlservercentral.com/columnists/bkelley/securingsqlbackups.asp

K. Brian Kelley, CISA, MCSE, Security+, MVP - SQL Server
Regular Columnist (Security), SQLServerCentral.com
Author of Introduction to SQL Server: Basic Skills for Any SQL Server User
| Professional Development blog | Technical Blog | LinkedIn | Twitter
Post #166443
Posted Monday, March 21, 2005 2:03 AM
SSC-Enthusiastic

SSC-EnthusiasticSSC-EnthusiasticSSC-EnthusiasticSSC-EnthusiasticSSC-EnthusiasticSSC-EnthusiasticSSC-EnthusiasticSSC-Enthusiastic

Group: General Forum Members
Last Login: Tuesday, March 13, 2012 9:34 AM
Points: 141, Visits: 61
Excellent article Brian, and one which applied equally to sysadmins and security managers. Highlights too the failings of auditors, who all too often seem to only be after ticks in boxes to obtain paper compliance, rather than really testing that the procedures that are in place actually work. Should be required reading for anyone who runs a business that relies on IT.


Jon
Post #168889
Posted Monday, March 21, 2005 9:10 AM


Keeper of the Duck

Keeper of the Duck

Group: Moderators
Last Login: Friday, September 26, 2014 7:52 AM
Points: 6,624, Visits: 1,873
Exactly. Auditors seek evidence that you have valid procedures. Depending on the audit, they may not seek evidence you're actually following them. Also, even though you have it documented, that doesn't mean you're doing it. That's a key point. Sometimes a pair of eyeballs and a pen test is what is needed to verify everyone is keeping the organization safe. Independent auditors are an essential part of any organization's security posture. They aren't the only part, however.



K. Brian Kelley, CISA, MCSE, Security+, MVP - SQL Server
Regular Columnist (Security), SQLServerCentral.com
Author of Introduction to SQL Server: Basic Skills for Any SQL Server User
| Professional Development blog | Technical Blog | LinkedIn | Twitter
Post #168981
« Prev Topic | Next Topic »

Add to briefcase

Permissions Expand / Collapse