SQL Clone
SQLServerCentral is supported by Redgate
 
Log in  ::  Register  ::  Not logged in
 
 
 

Content with tags Editorial, Security Rss

<< Newer    Items 21 to 40 of 181    Older >>
 

The Bad Data Shutdown

Not more hacking, but rather a data error in some cars is disturbing to Steve Jones.  Read more...
By Steve Jones 2016/07/05 | Source: SQLServerCentral.com | Category: editorial
Rating: |  Discuss |   Briefcase | 117 reads

DevOps and Security

Are DevOps and security diametrically opposed? An interesting pieces says no, and Steve Jones comments.  Read more...
By Steve Jones 2016/06/27 | Source: SQLServerCentral.com | Category: editorial
Rating: (not yet rated) |  Discuss |   Briefcase | 64 reads

The Penalty for a Data Breach

One of the things that will be debated quite a bit in the next few years will be the penalties for data loss.  Read more...
By Steve Jones 2016/06/13 | Source: SQLServerCentral.com | Category: editorial
Rating: (not yet rated) |  Discuss |   Briefcase | 94 reads

The Politics of SQL Security

Dealing with SQL Server security when the application it uses is full of security holes.  Read more...
By Scott Crosby 2016/05/23 | Source: SQLServerCentral.com | Category: editorial
Rating: |  Discuss |   Briefcase | 140 reads

The Proliferation of Roles

Using roles for security is a best practice that Steve Jones espouses.  Read more...
By Steve Jones 2016/05/13 | Source: SQLServerCentral.com | Category: editorial
Rating: (not yet rated) |  Discuss |   Briefcase | 59 reads

Track Your Consultants

It's possible to perform a man-in-the-middle attack against SQL Server. Steve Jones notes you should be aware these attacks could take place inside of your network.  Read more...
By Steve Jones 2016/03/29 | Source: SQLServerCentral.com | Category: editorial
Rating: (not yet rated) |  Discuss |   Briefcase | 59 reads

Forcing Strong Passwords

Passwords are always a challenge, but are bad passwords the users' fault? Steve Jones has a few thoughts.  Read more...
By Steve Jones 2016/02/17 | Source: SQLServerCentral.com | Category: editorial
Rating: (not yet rated) |  Discuss |   Briefcase | 100 reads

Reasonable Timeframes

Steve Jones talks about the timeframes for updating and fixing security problems in applications.  Read more...
By Steve Jones 2016/02/11 | Source: SQLServerCentral.com | Category: editorial
Rating: (not yet rated) |  Discuss |   Briefcase | 81 reads

The Digital Woes of Public Records

Public records have been open in the past, but today's digital access might mean problems.  Read more...
By Steve Jones 2016/02/09 | Source: SQLServerCentral.com | Category: editorial
Rating: (not yet rated) |  Discuss |   Briefcase | 100 reads

Maybe Security is Harder than Rocket Science

It's hard to build strong security over time, but it's worth the effort. Steve Jones notes that even smart people have problems implementing strong security.  Read more...
By Steve Jones 2016/02/02 | Source: SQLServerCentral.com | Category: editorial
Rating: (not yet rated) |  Discuss |   Briefcase | 106 reads

Security Convenience

Security is always a hot topic, and Steve Jones notes that we should be specific when we work with security.  Read more...
By Steve Jones 2016/01/15 | Source: SQLServerCentral.com | Category: editorial
Rating: |  Discuss |   Briefcase | 125 reads

Rulebreaking Developers

How much of a problem is it when developers can blamed for issues?  Read more...
By Steve Jones 2016/01/07 | Source: SQLServerCentral.com | Category: editorial
Rating: |  Discuss |   Briefcase | 233 reads

Hacking to Hide

People have hacked the voyage data recorders in ships. Steve Jones thinks this is a fundamental problem in computing systems.  Read more...
By Steve Jones 2016/01/05 | Source: SQLServerCentral.com | Category: editorial
Rating: (not yet rated) |  Discuss |   Briefcase | 163 reads

Why Use the Principle of Least Privilege?

SQL Injection isn't special code. It consists of regular, valid T-SQL that is unexpected by the application. Steve Jones notes that using the principle of least privilege can help to limit the damage from SQL Injection if the application fails to properly check input.  Read more...
By Steve Jones 2015/12/28 | Source: SQLServerCentral.com | Category: editorial
Rating: (not yet rated) |  Discuss |   Briefcase | 391 reads

Correct Old Mistakes

We all make mistakes, but it's important that we revise our code to correct them over time.  Read more...
By Steve Jones 2015/12/24 | Source: SQLServerCentral.com | Category: editorial
Rating: |  Discuss |   Briefcase | 108 reads

Hacking Data

A new series of attacks were proven recently using music files to attach embedded systems in cars. Could this be another attack vector that we need to worry about?  Read more...
By Steve Jones 2015/12/22 | Source: SQLServerCentral.com | Category: editorial
Rating: (not yet rated) |  Discuss |   Briefcase | 557 reads

Running as SysAdmin

Today we have a guest editorial from Andy Warren. We still have many applications runnning under sysadmin accounts, often "sa". Why do people do this? Andy has a few thoughts on the subject.  Read more...
By Andy Warren 2015/12/21 | Source: SQLServerCentral.com | Category: editorial
Rating: |  Discuss |   Briefcase | 502 reads

The $90,000 Laptop

The payment for a lost laptop: $90,000.  Read more...
By Steve Jones 2015/12/14 | Source: SQLServerCentral.com | Category: editorial
Rating: |  Discuss |   Briefcase | 295 reads

The Auditor Attack Vector

Steve Jones shares a story about losing data today.  Read more...
By Steve Jones 2015/12/01 | Source: SQLServerCentral.com | Category: editorial
Rating: (not yet rated) |  Discuss |   Briefcase | 127 reads

The Biggest Data Breach (For Now)

JP Morgan suffers the largest data breach for a financial institution, but Steve Jones doesn't think this record will stand for long.  Read more...
By Steve Jones 2015/11/24 | Source: SQLServerCentral.com | Category: editorial
Rating: (not yet rated) |  Discuss |   Briefcase | 175 reads
<< Newer    Items 21 to 40 of 181    Older >>
 
Tags
encryption (9)    
database weekly (8)    
sql injection (7)    
software development (6)    
friday poll (5)    
auditing (4)    
passwords (4)    
backup and restore (3)    
cloud computing (3)    
devops (3)    
hackers (2)    
patches (2)    
patching (2)    
secure programming (2)    
administration (1)    
application design (1)    
biometrics (1)    
career (1)    
cissp (1)    
data retention (1)    
data security (1)    
database design (1)    
disaster recovery (dr) (1)    
legal issues (1)    
performance tuning (1)    
politics (1)    
privacy (1)    
responsibilities (1)    
roles (1)    
security awareness (1)    
sql server (1)    
ssl (1)    
today (1)    
transparent data encryption (tde) (1)    
upgrading (1)    
virtualization (1)