Click here to monitor SSC
SQLServerCentral is supported by Redgate
 
Log in  ::  Register  ::  Not logged in
 
 
 

Content with tags Editorial, Security Rss

   Items 1 to 20 of 159    Older >>
 

The Penalty for a Data Breach

One of the things that will be debated quite a bit in the next few years will be the penalties for data loss.  Read more...
By Steve Jones 2016/06/13 | Source: SQLServerCentral.com | Category: editorial
Rating: (not yet rated) |  Discuss |   Briefcase | 83 reads

The Politics of SQL Security

Dealing with SQL Server security when the application it uses is full of security holes.  Read more...
By Scott Crosby 2016/05/23 | Source: SQLServerCentral.com | Category: editorial
Rating: |  Discuss |   Briefcase | 127 reads

The Proliferation of Roles

Using roles for security is a best practice that Steve Jones espouses.  Read more...
By Steve Jones 2016/05/13 | Source: SQLServerCentral.com | Category: editorial
Rating: (not yet rated) |  Discuss |   Briefcase | 54 reads

Track Your Consultants

It's possible to perform a man-in-the-middle attack against SQL Server. Steve Jones notes you should be aware these attacks could take place inside of your network.  Read more...
By Steve Jones 2016/03/29 | Source: SQLServerCentral.com | Category: editorial
Rating: (not yet rated) |  Discuss |   Briefcase | 58 reads

Forcing Strong Passwords

Passwords are always a challenge, but are bad passwords the users' fault? Steve Jones has a few thoughts.  Read more...
By Steve Jones 2016/02/17 | Source: SQLServerCentral.com | Category: editorial
Rating: (not yet rated) |  Discuss |   Briefcase | 95 reads

Reasonable Timeframes

Steve Jones talks about the timeframes for updating and fixing security problems in applications.  Read more...
By Steve Jones 2016/02/11 | Source: SQLServerCentral.com | Category: editorial
Rating: (not yet rated) |  Discuss |   Briefcase | 80 reads

The Digital Woes of Public Records

Public records have been open in the past, but today's digital access might mean problems.  Read more...
By Steve Jones 2016/02/09 | Source: SQLServerCentral.com | Category: editorial
Rating: (not yet rated) |  Discuss |   Briefcase | 98 reads

Maybe Security is Harder than Rocket Science

It's hard to build strong security over time, but it's worth the effort. Steve Jones notes that even smart people have problems implementing strong security.  Read more...
By Steve Jones 2016/02/02 | Source: SQLServerCentral.com | Category: editorial
Rating: (not yet rated) |  Discuss |   Briefcase | 106 reads

Security Convenience

Security is always a hot topic, and Steve Jones notes that we should be specific when we work with security.  Read more...
By Steve Jones 2016/01/15 | Source: SQLServerCentral.com | Category: editorial
Rating: |  Discuss |   Briefcase | 118 reads

Rulebreaking Developers

How much of a problem is it when developers can blamed for issues?  Read more...
By Steve Jones 2016/01/07 | Source: SQLServerCentral.com | Category: editorial
Rating: |  Discuss |   Briefcase | 232 reads

Hacking to Hide

People have hacked the voyage data recorders in ships. Steve Jones thinks this is a fundamental problem in computing systems.  Read more...
By Steve Jones 2016/01/05 | Source: SQLServerCentral.com | Category: editorial
Rating: (not yet rated) |  Discuss |   Briefcase | 163 reads

Why Use the Principle of Least Privilege?

SQL Injection isn't special code. It consists of regular, valid T-SQL that is unexpected by the application. Steve Jones notes that using the principle of least privilege can help to limit the damage from SQL Injection if the application fails to properly check input.  Read more...
By Steve Jones 2015/12/28 | Source: SQLServerCentral.com | Category: editorial
Rating: (not yet rated) |  Discuss |   Briefcase | 389 reads

Correct Old Mistakes

We all make mistakes, but it's important that we revise our code to correct them over time.  Read more...
By Steve Jones 2015/12/24 | Source: SQLServerCentral.com | Category: editorial
Rating: |  Discuss |   Briefcase | 108 reads

Hacking Data

A new series of attacks were proven recently using music files to attach embedded systems in cars. Could this be another attack vector that we need to worry about?  Read more...
By Steve Jones 2015/12/22 | Source: SQLServerCentral.com | Category: editorial
Rating: (not yet rated) |  Discuss |   Briefcase | 557 reads

Running as SysAdmin

Today we have a guest editorial from Andy Warren. We still have many applications runnning under sysadmin accounts, often "sa". Why do people do this? Andy has a few thoughts on the subject.  Read more...
By Andy Warren 2015/12/21 | Source: SQLServerCentral.com | Category: editorial
Rating: |  Discuss |   Briefcase | 501 reads

The $90,000 Laptop

The payment for a lost laptop: $90,000.  Read more...
By Steve Jones 2015/12/14 | Source: SQLServerCentral.com | Category: editorial
Rating: |  Discuss |   Briefcase | 293 reads

The Auditor Attack Vector

Steve Jones shares a story about losing data today.  Read more...
By Steve Jones 2015/12/01 | Source: SQLServerCentral.com | Category: editorial
Rating: (not yet rated) |  Discuss |   Briefcase | 126 reads

The Biggest Data Breach (For Now)

JP Morgan suffers the largest data breach for a financial institution, but Steve Jones doesn't think this record will stand for long.  Read more...
By Steve Jones 2015/11/24 | Source: SQLServerCentral.com | Category: editorial
Rating: (not yet rated) |  Discuss |   Briefcase | 172 reads

Secret Software Security

The move to limit disclosure of vulnerabilities continues, with potential issues for many of us.  Read more...
By Steve Jones 2015/11/02 | Source: SQLServerCentral.com | Category: editorial
Rating: |  Discuss |   Briefcase | 93 reads

SQL Injection - The Revenge

As yet more personal details are spilled by preventable security lapses, what's   Read more...
By Dave Convery 2015/11/02 | Source: SQLServerCentral.com | Category: editorial
Rating: (not yet rated) |  Discuss |   Briefcase | 212 reads
   Items 1 to 20 of 159    Older >>
 
Tags
encryption (9)    
sql injection (7)    
database weekly (6)    
software development (6)    
auditing (4)    
friday poll (4)    
backup and restore (3)    
cloud computing (3)    
passwords (3)    
hackers (2)    
patches (2)    
secure programming (2)    
administration (1)    
application design (1)    
biometrics (1)    
career (1)    
cissp (1)    
data retention (1)    
data security (1)    
database design (1)    
devops (1)    
disaster recovery (dr) (1)    
legal issues (1)    
patching (1)    
performance tuning (1)    
politics (1)    
privacy (1)    
responsibilities (1)    
roles (1)    
security awareness (1)    
sql server (1)    
ssl (1)    
today (1)    
transparent data encryption (tde) (1)    
upgrading (1)    
virtualization (1)