Click here to monitor SSC
SQLServerCentral is supported by Redgate
 
Log in  ::  Register  ::  Not logged in
 
 
 

Content with tags Editorial, Security Rss

   Items 1 to 20 of 162    Older >>
 

Security is Getting Serious

Today Steve Jones notes that back doors could be inserted into chips, which would be a huge problem.  Read more...
By Steve Jones 2016/07/18 | Source: SQLServerCentral.com | Category: editorial
Rating: |  Discuss |   Briefcase | 75 reads

The Bad Data Shutdown

Not more hacking, but rather a data error in some cars is disturbing to Steve Jones.  Read more...
By Steve Jones 2016/07/05 | Source: SQLServerCentral.com | Category: editorial
Rating: (not yet rated) |  Discuss |   Briefcase | 103 reads

DevOps and Security

Are DevOps and security diametrically opposed? An interesting pieces says no, and Steve Jones comments.  Read more...
By Steve Jones 2016/06/27 | Source: SQLServerCentral.com | Category: editorial
Rating: (not yet rated) |  Discuss |   Briefcase | 59 reads

The Penalty for a Data Breach

One of the things that will be debated quite a bit in the next few years will be the penalties for data loss.  Read more...
By Steve Jones 2016/06/13 | Source: SQLServerCentral.com | Category: editorial
Rating: (not yet rated) |  Discuss |   Briefcase | 90 reads

The Politics of SQL Security

Dealing with SQL Server security when the application it uses is full of security holes.  Read more...
By Scott Crosby 2016/05/23 | Source: SQLServerCentral.com | Category: editorial
Rating: |  Discuss |   Briefcase | 132 reads

The Proliferation of Roles

Using roles for security is a best practice that Steve Jones espouses.  Read more...
By Steve Jones 2016/05/13 | Source: SQLServerCentral.com | Category: editorial
Rating: (not yet rated) |  Discuss |   Briefcase | 54 reads

Track Your Consultants

It's possible to perform a man-in-the-middle attack against SQL Server. Steve Jones notes you should be aware these attacks could take place inside of your network.  Read more...
By Steve Jones 2016/03/29 | Source: SQLServerCentral.com | Category: editorial
Rating: (not yet rated) |  Discuss |   Briefcase | 59 reads

Forcing Strong Passwords

Passwords are always a challenge, but are bad passwords the users' fault? Steve Jones has a few thoughts.  Read more...
By Steve Jones 2016/02/17 | Source: SQLServerCentral.com | Category: editorial
Rating: (not yet rated) |  Discuss |   Briefcase | 100 reads

Reasonable Timeframes

Steve Jones talks about the timeframes for updating and fixing security problems in applications.  Read more...
By Steve Jones 2016/02/11 | Source: SQLServerCentral.com | Category: editorial
Rating: (not yet rated) |  Discuss |   Briefcase | 81 reads

The Digital Woes of Public Records

Public records have been open in the past, but today's digital access might mean problems.  Read more...
By Steve Jones 2016/02/09 | Source: SQLServerCentral.com | Category: editorial
Rating: (not yet rated) |  Discuss |   Briefcase | 98 reads

Maybe Security is Harder than Rocket Science

It's hard to build strong security over time, but it's worth the effort. Steve Jones notes that even smart people have problems implementing strong security.  Read more...
By Steve Jones 2016/02/02 | Source: SQLServerCentral.com | Category: editorial
Rating: (not yet rated) |  Discuss |   Briefcase | 106 reads

Security Convenience

Security is always a hot topic, and Steve Jones notes that we should be specific when we work with security.  Read more...
By Steve Jones 2016/01/15 | Source: SQLServerCentral.com | Category: editorial
Rating: |  Discuss |   Briefcase | 119 reads

Rulebreaking Developers

How much of a problem is it when developers can blamed for issues?  Read more...
By Steve Jones 2016/01/07 | Source: SQLServerCentral.com | Category: editorial
Rating: |  Discuss |   Briefcase | 232 reads

Hacking to Hide

People have hacked the voyage data recorders in ships. Steve Jones thinks this is a fundamental problem in computing systems.  Read more...
By Steve Jones 2016/01/05 | Source: SQLServerCentral.com | Category: editorial
Rating: (not yet rated) |  Discuss |   Briefcase | 163 reads

Why Use the Principle of Least Privilege?

SQL Injection isn't special code. It consists of regular, valid T-SQL that is unexpected by the application. Steve Jones notes that using the principle of least privilege can help to limit the damage from SQL Injection if the application fails to properly check input.  Read more...
By Steve Jones 2015/12/28 | Source: SQLServerCentral.com | Category: editorial
Rating: (not yet rated) |  Discuss |   Briefcase | 390 reads

Correct Old Mistakes

We all make mistakes, but it's important that we revise our code to correct them over time.  Read more...
By Steve Jones 2015/12/24 | Source: SQLServerCentral.com | Category: editorial
Rating: |  Discuss |   Briefcase | 108 reads

Hacking Data

A new series of attacks were proven recently using music files to attach embedded systems in cars. Could this be another attack vector that we need to worry about?  Read more...
By Steve Jones 2015/12/22 | Source: SQLServerCentral.com | Category: editorial
Rating: (not yet rated) |  Discuss |   Briefcase | 557 reads

Running as SysAdmin

Today we have a guest editorial from Andy Warren. We still have many applications runnning under sysadmin accounts, often "sa". Why do people do this? Andy has a few thoughts on the subject.  Read more...
By Andy Warren 2015/12/21 | Source: SQLServerCentral.com | Category: editorial
Rating: |  Discuss |   Briefcase | 501 reads

The $90,000 Laptop

The payment for a lost laptop: $90,000.  Read more...
By Steve Jones 2015/12/14 | Source: SQLServerCentral.com | Category: editorial
Rating: |  Discuss |   Briefcase | 294 reads

The Auditor Attack Vector

Steve Jones shares a story about losing data today.  Read more...
By Steve Jones 2015/12/01 | Source: SQLServerCentral.com | Category: editorial
Rating: (not yet rated) |  Discuss |   Briefcase | 126 reads
   Items 1 to 20 of 162    Older >>
 
Tags
encryption (9)    
sql injection (7)    
database weekly (6)    
software development (6)    
auditing (4)    
friday poll (4)    
backup and restore (3)    
cloud computing (3)    
passwords (3)    
hackers (2)    
patches (2)    
secure programming (2)    
administration (1)    
application design (1)    
biometrics (1)    
career (1)    
cissp (1)    
data retention (1)    
data security (1)    
database design (1)    
devops (1)    
disaster recovery (dr) (1)    
legal issues (1)    
patching (1)    
performance tuning (1)    
politics (1)    
privacy (1)    
responsibilities (1)    
roles (1)    
security awareness (1)    
sql server (1)    
ssl (1)    
today (1)    
transparent data encryption (tde) (1)    
upgrading (1)    
virtualization (1)