I’ve never felt the need to allow this, but I saw someone ask the questions recently. Suppose you had a...  Read more...

The password issue has Steve Jones concerned. So many of us that use computing devices don't do a good job of securing our information.  Read more...

Statistical databases contain lots of information that can be used in a variety of ways, but it can also be abused. Steve Jones talks about some of the problems and potential solutions.  Read more...

The average value of a lost laptop has been found to be much more than you might expect. Steve Jones talks about a recent study.  Read more...

Generates a list of ALL Users and their database Roles for all Databases (Or for a specific user).  Read more...

One of the tenets of good security is that no person or process is granted more rights than it needs...  Read more...

I saw a note this week from CNet about a system built to crack passwords (also on ArsTechnica). It reminded...  Read more...

Logins are not Users. It’s a pretty easy concept but one that seems to give a lot of people problems....  Read more...

If you are bound by HIPAA regulations, you may have more auditing in your future. If you're not, perhaps you should still pay attention to the criteria being used for auditing.  Read more...

Tony Davis argues that the Standards and best practices exist to avoid being hacked, but implementing them requires time and investment and often there simply doesn't seem to be the will to do it.  Read more...

There are over half a million database servers out on the Internet without protection. How can this happen?  Read more...

As you begin developing reports for deployment to a Report Server, what security considerations need to be taken into account in order to grant users access to run a report.  Read more...

Today is black Tuesday for October 2012. One security bulletin is specifically for a component of the SQL Server stack:...  Read more...

I want to backup my SQL Server databases to a folder, but I want to minimize who has access to the folder. In other words, I want to make sure that members of the Windows Local Administrators group don't get to the backups without intentionally trying to bypass the security. How do I do that?   Read more...

A database security survey for a CS student. If you can spare a few minutes, I know he'd appreciate it.   Read more...

If we rewrite the coding rules, will software be more secure? Steve Jones thinks it might and that we should be constantly looking to change the techniques, patterns, and skills we have.  Read more...

More stuff you may find interesting. Prepare for your first security breach. Sobering. As data professionals we’re going to get pulled...  Read more...

Worms have been around a long time in computer systems. However changes in the global policies of governments and the possible retaliation for cyber warfare should have DBAs concerned.  Read more...

One of the security recommendation inside SQL Server Security Best Practice white paper for guest user is that, to disable...  Read more...

It's been a while since I was in the day-to-day business of security patches. However, I still keep up with...  Read more...