Click here to monitor SSC
SQLServerCentral is supported by Red Gate Software Ltd.
 
Log in  ::  Register  ::  Not logged in
 
 
 

Content with tags Security, Strategies Rss

<< Newer    Items 21 to 40 of 45    Older >>
 

Easy Auditing a Shared Account

Despite the major advances made with Profiler in SQL Server 2005, auditing changes isn't one of the strengths of the product. New author Sergey Pustovit brings us his technique that allows auditing of actions using shared accounts from an application. A few minor code changes, but overall this is a very interesting idea.   Read more...
By Sergey Pustovit 2005/07/20 | Source: SQLServerCentral.com | Category: security
Rating: |  Discuss |   Briefcase | 6,951 reads

10 Steps to Securing your SQL Server

Securing your SQL Server can be an arduous task, but very rewarding. This article covers 10 steps to properly protecting your data.   Read more...
By Brian Knight 2005/05/27 (first published: 2003/04/03) | Source: SQLServerCentral.com | Category: security
Rating: |  Discuss |   Briefcase | 43,769 reads

The Case of the Stolen Laptop: Mitigating the Threats of Equipment The

The fear of having laptops stolen is a huge worry for all organizations. Maybe it’s even happened to you (I hope not!). The solution is simple, really -- don’t let your laptop get stolen. (I can hear you laughing now.) Keep the thing with you at all times, or leave it in your hotel room when you don’t want to carry it around. Yes, everyone has heard the warnings about hotel room theft, but I’ve never had something stolen from a hotel room and I spend well over 200 nights a year in hotels. (If you travel to a location where the general population has kleptomaniac tendencies, stay in hotels that offer safes in the room.) You’re far more likely to leave your laptop or PDA or smart phone or USB drive lying on the seat in a taxi or on the counter at a bar.  Read more...
By Additional Articles 2005/02/28 | Source: TechNet Blogs | Category: security
Rating:  Rate this |   Briefcase | 1,246 reads

DATA PIRACY: THE THREAT FROM WITHIN

Databases are being stolen. Customer data, credit card data, taxpayer data - they're all vulnerable. Scary? Yes - but wait, there's more. It's not just "their" data that's vulnerable - it's ours too!   Read more...
By Additional Articles 2005/01/21 | Source: TDAN | Category: security
Rating:  Rate this |   Briefcase | 2,048 reads

Common Vulnerabilities in Database Security

Creating an enterprise security plan is a complex endeavour. It involves evaluating multiple threats that gain access through many network paths to a hodgepodge of different applications and systems. With the focus on systems and paths, databases are frequently overlooked. Securing the database should be a fundamental tenet for any security practitioner when developing his or her security plan. The database is the source of data, the "crown jewels" in the information economy. Any security effort must start with this in mind and end with the strongest level of controls applied at the database layer.  Read more...
By Additional Articles 2004/11/26 | Source: Other | Category: security
Rating:  Rate this |   Briefcase | 2,079 reads

SQL Server Alerts

SQL Server Alerts provide a great way for the server to notify a DBA that some event has occurred, usually something bad that they need to fix. However alerts can also be used to drive business logic processes and enable some types of actions to be safely performed without requiring extraordinary rights by a user. Author Leo Peysakhovich brings us some ideas on how we can use alerts to implement business logic processing.   Read more...
By Leo Peysakhovich 2004/08/10 | Source: SQLServerCentral.com | Category: administration
Rating: |  Discuss |   Briefcase | 20,536 reads

Save Your Password

Storing passwords in SQL Server for authentication by your application is a common practice. But not always a good one. Someone with access could easily see all passwords and perhaps cause mischief inside your application. Imagine the office gossip getting access to your HR application as the HR director! Not a good thing. Dinesh Asanka has written a short piece on how you can use a built in function in SQL Server to encrypt these passwords and use them with a minimum of effort.   Read more...
By Dinesh Asanka 2004/07/12 | Source: SQLServerCentral.com | Category: security
Rating: |  Discuss |   Briefcase | 13,139 reads

Fixing broken logins and transferring passwords

When transferring a database to a new server, you are bound to experience a user problem. In this article by Neil Boyle, he shows you how to transfer passwords and accounts seamlessly to a new server.   Read more...
By Neil Boyle 2004/07/05 (first published: 2002/08/14) | Source: SQLServerCentral.com | Category: administration
Rating: |  Discuss |   Briefcase | 23,925 reads

Fixed Database Roles

This article covers four of the fixed database roles (db_datareader, db_datawriter, db_denydatareader, and db_denydatawriter). If you're new to SQL security (and maybe even if you're not) this article is worth reading.   Read more...
By Andy Warren 2003/10/10 | Source: SQLServerCentral.com | Category: security
Rating: |  Discuss |   Briefcase | 10,018 reads

SecureWave's SecureStack 3.0 Release

SecureWave forwarded us this link to some info about their product - they claim to be the only product capable of protecting SQL Server from buffer overflow attacks. You can download a free eval from their site. We have not reviewed this product.  Read more...
By Additional Articles 2003/04/29 | Source: Other | Category: security
Rating:  Rate this |   Briefcase | 926 reads

Dynamic SQL or Stored Procedure

We've had a lot of coverage of dynamic sql (including another great one from Robert Marda later this week) but this one is a little different. Done in a question/answer format, Andy tries to explain to junior developers why dynamic sql is to be avoided, how to do so, what to do when you can't.   Read more...
By Andy Warren 2005/08/26 (first published: 2003/04/23) | Source: SQLServerCentral.com | Category: performance tuning
Rating: |  Discuss |   Briefcase | 47,237 reads

10 Steps to Securing your SQL Server

Securing your SQL Server can be an arduous task, but very rewarding. This article covers 10 steps to properly protecting your data.   Read more...
By Brian Knight 2005/05/27 (first published: 2003/04/03) | Source: SQLServerCentral.com | Category: security
Rating: |  Discuss |   Briefcase | 43,769 reads

The Case for SQL Logins - Part Two

In this follow up to one of our most popular articles, Andy responds to comments posted by readers and discusses how to manage SQL logins effectively in your applications.   Read more...
By Andy Warren 2002/08/19 | Source: SQLServerCentral.com | Category: administration
Rating: |  Discuss |   Briefcase | 6,769 reads

Fixing broken logins and transferring passwords

When transferring a database to a new server, you are bound to experience a user problem. In this article by Neil Boyle, he shows you how to transfer passwords and accounts seamlessly to a new server.   Read more...
By Neil Boyle 2004/07/05 (first published: 2002/08/14) | Source: SQLServerCentral.com | Category: administration
Rating: |  Discuss |   Briefcase | 23,925 reads

Worst Practices - Encrypting Data

Continuing with the Worst Practices Series: Steve Jones examines why encryption in the database is a bad idea.   Read more...
By Steve Jones 2002/01/08 | Source: SQLServerCentral.com | Category: security
Rating: |  Discuss |   Briefcase | 8,379 reads

Enforcing Security in Multi-Tier Applications

The major part of the article, however, is dedicated to a topic that often confuses people and leads to some of the strongest disagreements among IT professionals and developers: the benefits and drawbacks of enforcing security in the middle (or business) tier versus the data tier.   Read more...
By Additional Articles 2001/12/25 | Source: Microsoft MSDN | Category: security
Rating:  Rate this |   Briefcase | 1,448 reads

Worst Practices - Depending on the GUI

One of the strengths of SQL Server is its ease of management and administration over other systems. Oracle, DB2, even early versions of SQL Server required command line mastery to make many types of changes. But should you really be using the GUI for most of your tasks?   Read more...
By Steve Jones 2001/12/04 | Source: SQLServerCentral.com | Category: security
Rating: |  Discuss |   Briefcase | 6,210 reads

Worst Practices - Assigning Users Rights

Continuing with Andy Warren's series on Worst Practices for a DBA, Steve Jones joins in this week with his worst practice.   Read more...
By Steve Jones 2001/11/06 | Source: SQLServerCentral.com | Category: security
Rating: |  Discuss |   Briefcase | 7,184 reads

Microsoft Announces a New Security Program

Microsoft has announced a new security program to help system administrators secure their sites. Worth a read.   Read more...
By Additional Articles 2001/10/19 | Source: Microsoft SQL Home | Category: security
Rating:  Rate this |   Briefcase | 3,660 reads

SQL Server Security Best Practices

Learn how to secure your data by implementing SQL Server security best practices.   Read more...
By Additional Articles 2001/09/20 | Source: Other | Category: security
Rating:  Rate this |   Briefcase | 3,230 reads
<< Newer    Items 21 to 40 of 45    Older >>
 
Tags
sql server 7 (17)    
miscellaneous (6)    
administration (4)    
best and worst practices (4)    
programming (3)    
sql server 2005 (3)    
sql server 6.5 (3)    
t-sql (3)    
worst practices (3)    
development (2)    
other (2)    
advanced (1)    
advanced querying (1)    
best practices (1)    
configuring (1)    
database design (1)    
disaster recovery (dr) (1)    
news (1)    
performance tuning (1)    
rants (1)    
sql puzzles (1)    
sqlservercentral (1)    
stored procedures (1)    
xml (1)    
xsl (1)