Click here to monitor SSC
SQLServerCentral is supported by Red Gate Software Ltd.
 
Log in  ::  Register  ::  Not logged in
 
 
 

PVPs

By Steve Jones,

I had it happen to me. We had an SSL certificate for a website that one of my employers ran. I actually purchased the certificate, and it secured our communications for a couple years until one day it didn't. The certificate expired and the website stopped accepting connections. If I had noticed, it might not have been a big deal. However when the owner of the company gets a call from one of his large customers, it's an much bigger issue.

If you worked at Microsoft last year when their security certificate expired, it was an even bigger deal. It's not that an affected customer that sends a note; it's affected, unaffected, and potential customers that hear about the issue from the media. It seems like tracking private virtual properties (PVPs) ought to be easy, but it's not. As pointed out in this piece, there are a number of issues at an organizational level, and while there are fixes, it takes some effort.

In many businesses that have periodic activities required for physical assets, there are often people dedicated to tracking, or performing the activity. Mechanics know about maintenance on vehicles, accountants renew leases, workers replace equipment nearing the end of service. Often the time lines and activities involved are understood, and individuals understand their responsibilities.

This showcases another area in which technology is woefully immature. Need a certificate? It takes a person with specialized knowledge to understand what's needed, purchase it, and install it. This person either then moves on to a new role without leaving instructions behind, or isn't well equipped to understand the need to track the expiration and replacement of the technical item. There often isn't even a system set up to handle replacements of these items, which might be superseded or replaced by some entirely new type of technical wizardry.

Managing and tracking PVPs is hard, and I suspect, going to get harder. Security requirements increase, technical requirements grow, and specifications change. I'd like to say I'm confident Azure (or AWS or another large service) will never have another outage because of this, but I wouldn't be surprised if they do.

Total article views: 70 | Views in the last 30 days: 1
 
Related Articles
BLOG

Certification

There seems to be quite a flurry of talk these days about certification. There is evidence of it in...

BLOG

SQL Server 2012: Certification Upgrade Info

As a follow-up to my SQL Server 2012: New Certification Info, Microsoft Learning has announced the c...

FORUM

Certificate

Certificate

BLOG

Certifications – and a survey.

G’day, There’s a lot of mixed opinions around about certifications. Are they worth while, do they ...

BLOG

Active August posts

I've started a blog to write down and track my personal goals: The Goal Keeping DBA Since Active A...

Tags
editorial    
 
Contribute

Join the most active online SQL Server Community

SQL knowledge, delivered daily, free:

Email address:  

You make SSC a better place

As a member of SQLServerCentral, you get free access to loads of fresh content: thousands of articles and SQL scripts, a library of free eBooks, a weekly database news roundup, a great Q & A platform… And it’s our huge, buzzing community of SQL Server Professionals that makes it such a success.

Join us!

Steve Jones
Editor, SQLServerCentral.com

Already a member? Jump in:

Email address:   Password:   Remember me: Forgotten your password?
Steve Jones