SQLServerCentral.com Content tagged Security

To Check for Orphaned Users in a Database

Wed, 22 May 2013 06:00:00 UT

This script is helpful to identify the orphaned users in a database, useful when we restore a database from a different location.

New! Safeguard your SQL backups
Protect your backups from onsite disaster with SQL Backup Pro and a Hosted Storage account from Red Gate. Learn more

CREATE SCHEMA can do what?!?!?

Tue, 21 May 2013 06:00:00 UT

So I was studying for the 70-451 and ended up reading the BOL entry for CREATE SCHEMA. I honestly can’t...

Loginless In Seattle

Mon, 13 May 2013 06:00:00 UT

Identify orphaned Database Users and differentiate them from "Loginless" Database Users.

The Security of You

Fri, 03 May 2013 06:00:00 UT

There is a lot of data out there that is specific to an individual, none more important perhaps than biometric data. Steve Jones writes a bit about the security implications involved in working with this data. (This editorial was originally published on Nov 10, 2008. It is being re-run as Steve is at SQL Bits.)

Getting the lowdown on 18456 errors

Tue, 30 Apr 2013 06:00:00 UT

If you can establish a connection to a SQL Server, but are having problems logging in to it, you will...

Script to find username and corresponding loginname for all user DB

Mon, 29 Apr 2013 06:00:00 UT

Script to find username and corresponding loginname for all user database in SQL Server

Change DB Owner to sa for multiple DB's

Fri, 26 Apr 2013 06:00:00 UT

Changes DB owner to sa for Online DB's where owner is not sa

Database source control in just 5 minutes
It takes just 5 minutes to connect your SQL databases to source control. Got 5 minutes to spare? Get started now.

The Patch Wild, Wild West

Wed, 17 Apr 2013 06:00:00 UT

Microsoft might be changing their patching process for applications. This has Steve Jones worried they may move towards an Apple/iOS like model, which would not be good for server systems.

Security: People Are the Weakest Link

Fri, 05 Apr 2013 06:00:00 UT

There was an interesting conversation on Twitter today about security awareness and why the training so often fails. From my perspective, here's...

Database source control in just 5 minutes
It takes just 5 minutes to connect your SQL databases to source control. Got 5 minutes to spare? Get started now.

How do I move a SQL login from one server to another without the password?

Wed, 03 Apr 2013 06:00:00 UT

This is an uncommon task but one that does turn up every once in awhile. A SQL login has to...

The Command Shell

Fri, 29 Mar 2013 06:00:00 UT

This Friday Steve Jones talks about xp_cmdshell and the security regarding its use. Do you have any holes that might exist if administrators are allowed to use this tool on their instances?

A Good Security Response

Tue, 26 Mar 2013 06:00:00 UT

Evernote recently had a security incident and forced all users to reset their passwords. Many people thought this was a good response to a security incident. Would your company act in a similar manner?

Algorithm Secrecy is not Security

Mon, 18 Mar 2013 06:00:00 UT

This week Steve Jones talks encryption and why you shouldn't be implementing anything you've invented.

Script to clean up “Windows” logins no longer in AD

Tue, 12 Mar 2013 06:00:00 UT

I was scanning http://dba.stackexchange.com and ran across the following question: http://dba.stackexchange.com/questions/31478/sql-server-script-to-delete-accounts-no-longer-in-active-directory Basically the OP wanted to know how to get rid of...

Securing SQL Server: Vulnerabilities You Might Not Have Considered

Thu, 07 Mar 2013 07:00:00 UT

A short look at the vulnerabilities your data may be susceptible to outside of the database tables.

Data We Don't Want

Tue, 05 Mar 2013 07:00:00 UT

There's potentially an exploit that can download lots of data to a machine. This shouldn't be a concern for servers, but you never know.

Make working with SQL a breeze
SQL Prompt 5 is the effortless way to write, edit, and explore SQL. It's packed with features such as code completion, script summaries, and SQL reformatting, that make working with SQL a breeze. Try it now.

How to recover a SQL Server login password.

Mon, 04 Mar 2013 07:00:00 UT

I will describe a simple method anyone can use to obtain lost password information for a SQL Server login.

Security Change Snapshot

Thu, 28 Feb 2013 07:00:00 UT

This script gives a server level snapshot of recent security changes

Alter User

Mon, 18 Feb 2013 07:00:00 UT

Stored Procedures and SQL Injection

Mon, 18 Feb 2013 07:00:00 UT

Why do stored procedures help with security? In this piece, MVP Brian Kelley explains why SQL Injection and information gathering are hampered with stored procedures.

Granting Permission to Grant Permissions

Fri, 08 Feb 2013 07:00:00 UT

I’ve never felt the need to allow this, but I saw someone ask the questions recently. Suppose you had a...

Serious Security

Thu, 17 Jan 2013 07:00:00 UT

The password issue has Steve Jones concerned. So many of us that use computing devices don't do a good job of securing our information.

Statistical Protection

Tue, 08 Jan 2013 07:00:00 UT

Statistical databases contain lots of information that can be used in a variety of ways, but it can also be abused. Steve Jones talks about some of the problems and potential solutions.

The $50,000 Laptop

Mon, 07 Jan 2013 07:00:00 UT

The average value of a lost laptop has been found to be much more than you might expect. Steve Jones talks about a recent study.

List all Usernames, Roles for all the databases.

Mon, 31 Dec 2012 07:00:00 UT

Generates a list of ALL Users and their database Roles for all Databases (Or for a specific user).

The Principle of Least Privilege

Fri, 21 Dec 2012 07:00:00 UT

One of the tenets of good security is that no person or process is granted more rights than it needs...

You Need to Manage Passwords

Tue, 18 Dec 2012 07:00:00 UT

I saw a note this week from CNet about a system built to crack passwords (also on ArsTechnica). It reminded...

New! Safeguard your SQL backups
Protect your backups from onsite disaster with SQL Backup Pro and a Hosted Storage account from Red Gate. Learn more

Logins vs Users

Wed, 12 Dec 2012 07:00:00 UT

Logins are not Users. It’s a pretty easy concept but one that seems to give a lot of people problems....

Regulators, Mount Up

Wed, 28 Nov 2012 07:00:00 UT

If you are bound by HIPAA regulations, you may have more auditing in your future. If you're not, perhaps you should still pay attention to the criteria being used for auditing.

Password Insecurities

Mon, 26 Nov 2012 07:00:00 UT

Tony Davis argues that the Standards and best practices exist to avoid being hacked, but implementing them requires time and investment and often there simply doesn't seem to be the will to do it.