SQLServerCentral - www.sqlservercentral.com

A community of more than 1,600,000 database professionals and growing

Featured Contents

The Voice of the DBA

The Blame Game

Make no mistake, this is going to be something that happens again. The former CEO of Equifax blames their massive data breach on a bad scanner and a person. I'm not talking about a data breach, of course those are going to happen, and when they do, assume that every piece of data in the system is compromised. I know some digital forensic scientists are really talented, but is a company that didn't necessarily pay attention to security in the first place going to ensure the analysis is done right? Not likely. Assume every record is compromised.

In this case, the former CEO calls out a person that made a mistake, and then says technology failed. I don't think that's true, and I'd agree with Patrick McKenzie, who has a good thread on Twitter. A bad engineering decision, or even a process, is the result of multiple people making mistakes. Certainly there are people that must back up the Apache Struts patch person when they're on vacation. Or there should be. If there isn't, then that's a management failure at multiple levels.

The thing that concerns me is that we, as tech workers, are going to be blamed going forward. The individual isn't named here, but I bet at some point they will be. And some, or many, tech workers will get sacrificed for a company that wants to show contrition and action for security mistakes. It's common for someone to take the blame, but I haven't seen a specific person be identified (or their inaction be called out) in the past. I'm sure some tech people were probably fired after previous incidents at large companies, but not publicly.

While the person wasn't named, there was a report that this individual was no longer employed. Fired? Quit? Who knows. Certainly it's likely that once this breach became public, anyone who might have been responsible for watching CERT lists, applying patches, or anything to do with Apache Struts might be blamed. In fact, I don't know I'd want to continue working at a company that might publicly blame my role for a massive breach. My career might be dead with that management, so I might as well move on. Much easier for everyone to blame me than accept responsibility.

This is the first time I've seen an IT employee blamed. BA said an IT systems failure with their major issues. Yahoo and Target were hacked, but no one in IT was blamed. Sony didn't blame their IT staff after their emails and films were released. Yet Equifax did. I hope this isn't a sign of things to come.

Steve Jones from SQLServerCentral.com

Join the debate, and respond to today's editorial on the forums


The Voice of the DBA Podcast

Listen to the MP3 Audio ( 4.5MB) podcast or subscribe to the feed at iTunes and Libsyn. feed

The Voice of the DBA podcast features music by Everyday Jones. No relation, but I stumbled on to them and really like the music.

ADVERTISEMENT
Foundry

Using SQL Census to audit SQL Server permissions

Redgate have just released SQL Census, a prototype tool that makes auditing SQL Server user access permissions much easier. In this post, Ally Parker shows how it works, tells us what's up next in the tool's development, and explains how you can download it for free. Try the free prototype

Redgate Hub

Do a lot more with Redgate tools

You probably have a favored Redgate tool but if you’ve been using it for a while, you may not be making the most of the latest features. Keep track of features and releases on the new Redgate Hub. Discover the Redgate Hub

Featured Contents

 

Group Managed Service Accounts (gMSAs) in SQL2016

Michael Minarzick from SQLServerCentral.com

Implementing Group Managed Service Accounts (gMSAs) in existing SQL Server instances with AlwaysON More »


 

The importance of bringing Python to SQL Server

When SQL Server 2017 launched, Microsoft proudly announced that it was the first relational database engine to ship with built-in artificial intelligence (AI) capabilities. But why Python and SQL Server? What is Python? And how does this compare to the R integration in SQL Server 2016? More »


 

Statistics in SQL: Student’s t-test

Additional Articles from SimpleTalk

Many undergraduates have misunderstood the name 'Students' in the t-test to imply that it was designed as a simple test suitable for students. In fact it was William Sealy Gosset, an Englishman publishing under the pseudonym Student, who developed the t-test and t distribution in 1908, as a way of making confident predictions from small sample sizes of normally-distributed variables. As Gosset's employer was Guinness, the brewer, Phil Factor takes a sober view of calculating it in SQL. More »


 

From the SQLServerCentral Blogs - SQL Server Database Corruption: That Might Occur in an Environment using SQL Server

zorastalin from SQLServerCentral Blogs

SQL server is the highly employed database service and is a highly advanced relational database management system, which is used... More »


 

From the SQLServerCentral Blogs - Extracting Deadlock information using SYSTEM_HEALTH Extended Events

Dharmendra Keshari from SQLServerCentral Blogs

Extended Events is a powerful feature that was introduced into SQL Server 2008 and onwards. It keeps historical system health... More »

Question of the Day

Today's Question (by Steve Jones):

I want to convert datetime values to datetimeoffsets to ensure all my time values are consistent and comparable. I decide to use TODATETIMEOFFSET() to do this. What do I need to pass in as a parameter(s)?

Think you know the answer? Click here, and find out if you are right.


We keep track of your score to give you bragging rights against your peers.
This question is worth 1 point in this category: Datetime Functions.

We'd love to give you credit for your own question and answer.
To submit a QOTD, simply log in to the Contribution Center.

ADVERTISEMENT

Professional Microsoft SQL Server 2014 Integration Services

Master the fundamentals of Transact-SQL—and develop your own code for querying and modifying data in Microsoft SQL Server 2016. Led by a SQL Server expert, you’ll learn the concepts behind T-SQL querying and programming, and then apply your knowledge with exercises in each chapter. Get your copy from Amazon today.

Yesterday's Question of the Day

Yesterday's Question (by Steve Jones):

I've got this dataframe:

> print(marvel)
       characters                     movies releaseyear
1        Iron Man                   Iron Man        2008
2      Spider-Man      Spider-Man Homecoming        2017
3            Thor       Thor: The Dark World        2013
4            Hulk                       Hulk        2003
5  Doctor Strange             Doctor Strange        2016
6 Captain America Captain America: Civil War        2011
7     Black Widow               The Avengers        2012
8         Hawkeye    Avengers: Age of Ultron        2015
9         Ant-Man                    Ant-Man        2015

I want to just return the row of data for Spider-Man. How can I do this?

Answer: marvel[2,]

Explanation:

To get a row, you can use an index with the brackets. In this case, the second row has "Spider-Man", so we use that as an index.

marvel[2,]

This returns the second row of the data frame.

Ref: Data Frame Row Slice - click here


» Discuss this question and answer on the forums

Database Pros Who Need Your Help

Here's a few of the new posts today on the forums. To see more, visit the forums.

SQL Server 2016 : SQL Server 2016 - Administration

The cluster IP address is already in use error while installing SQL 2016 Failover Cluster - We have 2 nodes, both were running SQL 2014 cluster. We had to upgrade the windows OS to 2016, the...

Version or Source Control for SQL Objects - Evening All, What are you all using for Version and Source Control? And how do you find it?


SQL Server 2016 : SQL Server 2016 - Development and T-SQL

Compression Script on existing tables in databases that handles the alters and indexes and tells how much savings? - Hi, is there a tried and true generic script available that I can run that will go through each database...

User Defined Aggregate assembly / CLR / Database compatibility level - Hello, I'm having a weird behavior on a clr aggregate function. (concatenation of several strings using a delimiter - code below) -...

Alias / pivot issue - All, Apologises if I'm asking too many questions at the moment. I am reading other posts to contribute if I can. Would...

How to find Relationship between Tables ? - Hello  I have an SQL database with more than  500 tables.    How to find the relationship between tables and the associated...

Having clause - Hi, Need to add having clause as tansaction_count>1 after group by clause in below query . Transaction_count is exist in table dbo.TABLEW Any...


SQL Server 2014 : Development - SQL Server 2014

Having trouble displaying a date in a certain format... - Select Invoice_Exceptions.Invoice_Number, Invoice_Exceptions.ItemNum, Inventory.ItemName, Invoice_Exceptions.Amount, Invoice_Exceptions.Quantity, Invoice_Exceptions.Reason_Code, Invoice_Exceptions.LineNum, Invoice_Exceptions.EmpName, Invoice_Exceptions.DateTime AS Day_Voided, Invoice_Totals.Payment_Method From Invoice_Exception

Columnstore index question - I have some large ETL tables that i've created to snapshot production OLTP data that is sourced from more than...

query format - CREATE TABLE .(  NULL,   (50) NULL ) ON INSERT INTO .(,) VALUES(1,'Architect') INSERT INTO .(,) VALUES(2,'Developers') INSERT INTO .(,) VA


SQL Server 2012 : SQL 2012 - General

Order of Indexed columns - does it matter - CREATE TABLE dbo.blah ( CustomID INT IDENTITY(1,1)  NOT NULL, CustomName NVARCHAR(50) NOT NULL, GID INT NOT NULL, PID INT NOT NULL, IsActive BIT NOT NULL, CONTSTRAINT...


SQL Server 2012 : SQL Server 2012 - T-SQL

Sql Code help pulling date range before an status - Hi All, Hello, I have an issue in finding out the date range and id previous to an event. here I...

Bulk load architecture - Hello SQL Guys, I am working on a project where in a file location I will be getting daily files like...

Indexing strategy on a highly transient table - Hi, I'm just looking for a disscussion about the best indexing strategy for a table I have that's in a...


SQL Server vNext : SQL Server 14 - Administration

Query to find out the user who changed the table Name - Dear All, Kindly guide me to find out  the user who had changed the name of table of a database. Basically I...


SQL Server 2008 : SQL Server 2008 Performance Tuning

Query similar to wireshark - Hi, We intend to write a query that will act like wireshark i.e. note down which process or program was executing...


Reporting Services : Reporting Services

ssrs 2008 report parameters - In an existing SSRS 2008 report, I am adding a new tablix and a new dataset to the rdl. This...


Reporting Services : Reporting Services 2005 Administration

Unable to access Reporting services reports from application - We have configured the reporting services to view the application reports. Report server is hosted in one system and application...


Reporting Services : SSRS 2012

Prompt for Windows Authentication when accessing report folders/reports - So there is a lot of talk of turning off the prompt for accessing reports, I want to turn it...


Data Warehousing : Integration Services

Script Task to check file existance is OK in Visual Studio but fails when Deployed - Hi, Within a Foreach loop, I have a simple Script Task to check if a file exists. If it exists, then FTP...

This email has been sent to {user_email}. To be removed from this list, please click here.
If you have any problems leaving the list, please contact the webmaster@sqlservercentral.com.
This newsletter was sent to you because you signed up at SQLServerCentral.com.
Feel free to forward this to any colleagues that you think might be interested.
If you have received this email from a colleague, you can register to receive it here.
This transmission is ©2017 Redgate Software Ltd, Newnham House, Cambridge Business Park, Cambridge, CB4 0WZ, United Kingdom. All rights reserved.
Contact: webmaster@sqlservercentral.com