Content with tags Editorial, Security

Items 21 to 40 of 168

Why Use the Principle of Least Privilege?

SQL Injection isn't special code. It consists of regular, valid T-SQL that is unexpected by the application. Steve Jones notes that using the principle of least privilege can help to limit the damage from SQL Injection if the application fails to properly check input.
By Steve Jones 2015/12/28 | Source: SQLServerCentral.com | Category: editorial

Correct Old Mistakes

We all make mistakes, but it's important that we revise our code to correct them over time.
By Steve Jones 2015/12/24 | Source: SQLServerCentral.com | Category: editorial

Hacking Data

A new series of attacks was proven recently using music files to attack embedded systems in cars. Could this be another attack vector that we need to worry about?
By Steve Jones 2015/12/22 | Source: SQLServerCentral.com | Category: editorial

Running as SysAdmin

Today we have a guest editorial from Andy Warren. We still have many applications running under sysadmin accounts, often "sa". Why do people do this? Andy has a few thoughts on the subject.
By Andy Warren 2015/12/21 | Source: SQLServerCentral.com | Category: editorial

The $90,000 Laptop

The payment for a lost laptop: $90,000.
By Steve Jones 2015/12/14 | Source: SQLServerCentral.com | Category: editorial

The Auditor Attack Vector

Steve Jones shares a story about losing data today.
By Steve Jones 2015/12/01 | Source: SQLServerCentral.com | Category: editorial

The Biggest Data Breach (For Now)

JP Morgan suffers the largest data breach for a financial institution, but Steve Jones doesn't think this record will stand for long.
By Steve Jones 2015/11/24 | Source: SQLServerCentral.com | Category: editorial

Secret Software Security

The move to limit disclosure of vulnerabilities continues, with potential issues for many of us.
By Steve Jones 2015/11/02 | Source: SQLServerCentral.com | Category: editorial

SQL Injection - The Revenge

As yet more personal details are spilled by preventable security lapses, what's
By Dave Convery 2015/11/02 | Source: SQLServerCentral.com | Category: editorial

The Dangers of Travel

As data professionals, we might carry lots of information with us that relates to our organization. Will we get caught up in government issues as we cross borders?
By Steve Jones 2015/10/22 | Source: SQLServerCentral.com | Category: editorial

Serious Hacking

The biggest government hack ever occurred recently. At least until the next one happens.
By Steve Jones 2015/10/20 | Source: SQLServerCentral.com | Category: editorial

Everyone is a Target

Today Steve Jones looks at the targeted attacks by hackers against individual security professionals.
By Steve Jones 2015/09/23 | Source: SQLServerCentral.com | Category: editorial

Cloud Security Issues

The cloud is always going to be a challenge for security, but is it harder or easier than on premises? Steve Jones has a few comments.
By Steve Jones 2015/08/04 | Source: SQLServerCentral.com | Category: editorial

Hack Us

A challenge from United intrigues Steve Jones. How many other companies would make a challenge like this?
By Steve Jones 2015/05/26 | Source: SQLServerCentral.com | Category: editorial

The Opportunistic Hacker

Sometimes the crimes of opportunity might be the worst ones for our data.
By Steve Jones 2015/04/14 | Source: SQLServerCentral.com | Category: editorial

Source Code Security

The code you use may contain security information. Be extra careful in this case, especially when you use encryption.
By Steve Jones 2015/03/31 | Source: SQLServerCentral.com | Category: editorial

SQL Injection, Still?

We still have problems with SQL Injection. Steve Jones has a few thoughts on why.
By Steve Jones 2015/02/17 | Source: SQLServerCentral.com | Category: editorial

What counts for a DBA: Responsibility

Whose fault is it if a database is hacked and its contents appear on a hacker’s site? Louis Davidson suggests that, regardless of limitations, the DBA always bears some responsibility.
By Louis Davidson (@drsql) 2014/12/22 | Source: SQLServerCentral.com | Category: editorial

It's Not Just Poor Coding

It's not just poor coding that threatens security, as a new survey shows.
By Steve Jones 2014/11/13 | Source: SQLServerCentral.com | Category: editorial

A Fundamental Security Mistake

Steve Jones thinks Microsoft is making a fundamental security mistake in the way they build features for the various editions of SQL Server. Read today's editorial and see if you agree.
By Steve Jones 2014/11/03 | Source: SQLServerCentral.com | Category: editorial