Click here to monitor SSC
SQLServerCentral is supported by Redgate
 
Log in  ::  Register  ::  Not logged in
 
 
 

Content with tag Security Rss

   Items 1 to 20 of 932    Older >>
 

SQL Authentication Via AD Groups Part III: What About Orphaned Users?

With AD Authentication via groups, SQL Server is vulnerable to orphaned Windows users' logins being added to SQL Server at a later date. This article gives an improved user audit script that detects orphaned DB Users and also a delete script.  Read more...
By John F. Tamburo 2016/07/18 | Source: SQLServerCentral.com | Category: security
Rating: |  Discuss |   Briefcase | 1,307 reads

Security is Getting Serious

Today Steve Jones notes that back doors could be inserted into chips, which would be a huge problem.  Read more...
By Steve Jones 2016/07/18 | Source: SQLServerCentral.com | Category: editorial
Rating: |  Discuss |   Briefcase | 75 reads

Introduction to Row Level Security in SQL 2016

In SQL 2016 several new security features gets introduced which will help users to protect their data in many ways. New security feature Row Level Security (RLS) which implements the security inside the database itself, not at application level.  Read more...
By Kapil Singh 2016/07/14 | Source: SQLServerCentral.com | Category: sql server 2016
Rating: |  Discuss |   Briefcase | 1,322 reads

The Bad Data Shutdown

Not more hacking, but rather a data error in some cars is disturbing to Steve Jones.  Read more...
By Steve Jones 2016/07/05 | Source: SQLServerCentral.com | Category: editorial
Rating: (not yet rated) |  Discuss |   Briefcase | 103 reads

DevOps and Security

Are DevOps and security diametrically opposed? An interesting pieces says no, and Steve Jones comments.  Read more...
By Steve Jones 2016/06/27 | Source: SQLServerCentral.com | Category: editorial
Rating: (not yet rated) |  Discuss |   Briefcase | 59 reads

Column Level Permissions and DENY

By Steve Jones 2016/06/20 | Category: security
Rating: (not yet rated) |  Discuss |   Briefcase | 1,136 reads

The Penalty for a Data Breach

One of the things that will be debated quite a bit in the next few years will be the penalties for data loss.  Read more...
By Steve Jones 2016/06/13 | Source: SQLServerCentral.com | Category: editorial
Rating: (not yet rated) |  Discuss |   Briefcase | 90 reads

Certificate

By Igor Micev 2016/06/02 | Category: security
Rating: (not yet rated) |  Discuss |   Briefcase | 1,121 reads

Grant > Deny?

By Steve Jones 2016/05/23 | Category: security
Rating: (not yet rated) |  Discuss |   Briefcase | 1,292 reads

The Politics of SQL Security

Dealing with SQL Server security when the application it uses is full of security holes.  Read more...
By Scott Crosby 2016/05/23 | Source: SQLServerCentral.com | Category: editorial
Rating: |  Discuss |   Briefcase | 132 reads

The Proliferation of Roles

Using roles for security is a best practice that Steve Jones espouses.  Read more...
By Steve Jones 2016/05/13 | Source: SQLServerCentral.com | Category: editorial
Rating: (not yet rated) |  Discuss |   Briefcase | 54 reads

EXECUTE AS sa

By Steve Jones 2016/04/27 | Category: security
Rating: (not yet rated) |  Discuss |   Briefcase | 1,331 reads

Track Your Consultants

It's possible to perform a man-in-the-middle attack against SQL Server. Steve Jones notes you should be aware these attacks could take place inside of your network.  Read more...
By Steve Jones 2016/03/29 | Source: SQLServerCentral.com | Category: editorial
Rating: (not yet rated) |  Discuss |   Briefcase | 59 reads

Row Level Security Updates

By Steve Jones 2016/03/28 | Category: row-level security (rls)
Rating: (not yet rated) |  Discuss |   Briefcase | 1,167 reads

The One 'Security' Feature in Oracle You Probably Shouldn't Use

Oracle offers a number of security-related settings, but one could definitely create more harm than good. David Fitzjarrell looks at which parameter that is, and why.  Read more...
By Additional Articles 2016/03/24 | Source: Database Journal | Category: oracle
Rating: (not yet rated)  Rate this |   Briefcase | 4,781 reads

RLS Filters

By Steve Jones 2016/03/17 | Category: security
Rating: (not yet rated) |  Discuss |   Briefcase | 1,009 reads

SQL Server 2016: The Data Protection Version

Today Steve Jones looks at the security enhancements in SQL Server 2016  Read more...
By Steve Jones 2016/02/24 | Source: SQLServerCentral.com | Category: sql server 2016
Rating: (not yet rated) |  Discuss |   Briefcase | 43 reads

Orphaned login report for all databases

Running the sp_change_users_login @Action=Report against all databases with a simple cursor wrapped around it.  Read more...
By Edward Pochinski 2016/02/23 | Source: SQLServerCentral.com | Category: security
Rating: |  Discuss |   Briefcase | 880 reads

SQL Authentication Via AD Groups Part II: Who has what access?

In a previous article, we discussed how to liberate the DBA from SQL Logins with AD Groups. A good point was raised: How can the DBA know who has what access? Here is a solution.  Read more...
By John F. Tamburo 2016/02/18 | Source: SQLServerCentral.com | Category: active directory
Rating: |  Discuss |   Briefcase | 3,455 reads

Forcing Strong Passwords

Passwords are always a challenge, but are bad passwords the users' fault? Steve Jones has a few thoughts.  Read more...
By Steve Jones 2016/02/17 | Source: SQLServerCentral.com | Category: editorial
Rating: (not yet rated) |  Discuss |   Briefcase | 100 reads
   Items 1 to 20 of 932    Older >>
 
Tags
editorial (150)    
sql server 7 (105)    
administration (70)    
sql server 2005 (56)    
blogs (53)    
encryption (43)    
strategies (40)    
t-sql (36)    
editorial - ipod (25)    
editorial - wmv (25)    
permissions (25)    
editorial - mp3 (24)    
auditing (22)    
logins (20)    
miscellaneous (15)    
sql server 2008 (15)    
backup and restore (14)    
passwords (13)    
transparent data encryption (tde) (13)    
roles (12)    
programming (11)    
sql injection (11)    
sql server 6.5 (11)    
configuring (9)    
grant (9)    
reporting services (ssrs) (9)    
software development (9)    
database design (8)    
role (8)    
stored procedures (8)    
best and worst practices (7)    
friday poll (7)    
integration services (ssis) (7)    
sql agent (7)    
sql server (7)    
sql server 2008 r2 (7)    
user (7)    
active directory (6)    
database roles (6)    
database security (6)    
database weekly (6)    
stairway series (6)    
advanced querying (5)    
analysis services (ssas) (5)    
career (5)    
disaster recovery (dr) (5)    
execute as (5)    
hackers (5)    
news (5)    
orphaned users (5)    
schemas (5)    
secure programming (5)    
triggers (5)    
users (5)    
worst practices (5)    
authentication (4)    
biometrics (4)    
data retention (4)    
installation (4)    
legal issues (4)    
performance tuning (4)    
row-level security (rls) (4)    
server roles (4)    
sql server 2000 (4)    
sql server 2012 (4)    
best practices (3)    
certificates (3)    
cloud computing (3)    
ddl triggers (3)    
deny (3)    
development (3)    
dts (3)    
impersonation (3)    
kerberos (3)    
monitoring (3)    
other (3)    
principals (3)    
professional development (3)    
replication (3)    
service accounts (3)    
service broker (3)    
sql server express (3)    
sql university (3)    
surface area configuration tool (3)    
training (3)    
windows security (3)    
active directory groups (2)    
ad (2)    
ad groups (2)    
advanced (2)    
agent jobs (2)    
always encrypted (2)    
central management server (cms) (2)    
comparison (2)    
compliance (2)    
dac (2)    
database principals (2)    
databases (2)    
firewall (2)    
guest user (2)    
indexing (2)    
integrated security (2)    
logon triggers (2)    
members (2)    
ownership (2)    
ownership chaining (2)    
patches (2)    
permission (2)    
policy based management (pbm) (2)    
powershell (2)    
privilege escalation (2)    
product reviews (2)    
profiler (2)    
rants (2)    
revert (2)    
reviews (2)    
scripting (2)    
secure (2)    
service packs (2)    
setuser (2)    
sid (2)    
spn (2)    
sql server 2014 (2)    
sql server 2016 (2)    
sql server architecture (2)    
sql-dmo (2)    
survey (2)    
tcp/ip (2)    
tools (2)    
user defined function (udf) (2)    
xml (2)    
xsl (2)    
.net (1)    
access restriction (1)    
administrator (1)    
ado (1)    
aggregates (1)    
alerts (1)    
alias (1)    
alwayson (1)    
analysis services (1)    
application design (1)    
architecture (1)    
asymmetric keys (1)    
audit (1)    
automation (1)    
azure (1)    
azure sql database (1)    
bcp (bulk copy program) (1)    
broker security (1)    
browser service (1)    
bugs (1)    
c# (1)    
change db owner (1)    
cissp (1)    
cloud (1)    
code signing (1)    
conferences/user groups (1)    
configuration (1)    
connect any database (1)    
continuous integration (ci) (1)    
control server (1)    
create database (1)    
credentials (1)    
credit card numbers (1)    
cross-database ownership chaining (1)    
cryptography (1)    
data driven (1)    
data mining (1)    
data security (1)    
database mail (1)    
database master key (dmk) (1)    
database object permissions (1)    
database owner (1)    
database ownership (1)    
database permissions (1)    
database users (1)    
dbcc (1)    
ddl (1)    
default trace (1)    
devops (1)    
dimensions (1)    
distributed queries (1)    
dmk (1)    
dmv's (1)    
dynamic data masking (1)    
dynamic sql (1)    
endpoints (1)    
english query (1)    
eventdata (1)    
events (1)    
execution context (1)    
extended stored procedures (1)    
filestream (1)    
fixed server roles (1)    
general administration (1)    
grantee (1)    
grantor (1)    
hashbytes (1)    
hexadecimal (1)    
integrated security. (1)    
job (1)    
linked server (1)    
list (1)    
logon trigger (1)    
maintenance (1)    
management studio (ssms) (1)    
microsoft sql server (1)    
msdb (1)    
networking (1)    
openxml (1)    
oracle (1)    
parameter (1)    
pass (1)    
password (1)    
password cracking (1)    
patching (1)    
politics (1)    
presenting (1)    
privacy (1)    
professional organization for sql server (1)    
proxy accounts (1)    
public (1)    
rename (1)    
report server (1)    
responsibilities (1)    
restore (1)    
sa (1)    
sanpshot (1)    
script (1)    
securables (1)    
security awareness (1)    
securityadmin (1)    
server principals (1)    
server_principals (1)    
sharepoint (1)    
sid mismatch check (1)    
smk (1)    
sp_cycle_errorlog (1)    
sp_msforeachdb (1)    
sql jobs (1)    
sql logins (1)    
sql puzzles (1)    
sql server permissions (1)    
sql spackle (1)    
sqlrx (1)    
sqlservercentral (1)    
ssl (1)    
sspi (1)    
stored procedure (1)    
storing passwords (1)    
symmetric keys (1)    
sysadmin (1)    
system databases (1)    
system development life cycle (1)    
tabular model (1)    
today (1)    
trust (1)    
trustworthy (1)    
type (1)    
updategrams (1)    
upgrading (1)    
virtualization (1)    
visual basic 6 (1)    
vulnerability (1)    
windows (1)    
xp_logininfo (1)