SQL Clone
SQLServerCentral is supported by Redgate
Log in  ::  Register  ::  Not logged in

If or When?

By Steve Jones,

I saw this post recently about security and preparing for a data breach. The title caught my eye because it implies that we're all doomed. Do the rest of you think that? Is it a question of when we'll have a security breach not if?

Given the headlines, the news we find out about companies not disclosing security issues, the back doors and poor code in much software, is it any wonder that people think it's a "when" and not an "if"? Given the lack of realization from many companies that suffer incidents that they were even attacked, perhaps that's an assumption worth making.

We've been hacked at SQLServerCentral in the past. I don't think we've been hacked in many years, but I also have no way of knowing. That's the difficult part of dealing with bits. If they get copied, there's not necessarily a trace of anything amiss. It's quite possible that many of us have no idea that our bits are being copied. Every read is a copy of data and how long did the NSA read data without most of us being aware? How sure are we that they, or some other organization, hasn't been reading much more than was disclosed?

I'd hate to think that our systems are so porous that we're all likely to get hacked at some point. It's probably technically possible, but hopefully not likely for most of us. However we should consider that it will happen and ensure we have some handle on our data security. It's hard, and complex for most of us, and I'd like to think that Microsoft will recognize this and build better controls and features into future versions of Windows and SQL Server that enable easier auditing, granular controls and separation of duties.

Total article views: 151 | Views in the last 30 days: 1
Related Articles

I'm thinking of hosting a series of webinars on SQL Server security

With the PASS Summit sessions announced, I took a quick look to see how many were what I'd consider ...


Thinking Time

Taking time away from life and just thinking is important.


Security by Obscurity

Today we have an editorial reprint from Aug 23, 2005 as Steve is on vacation. Does security through ...


New Security Holes

Siri is seen as a data security hole at IBM. This is something that Steve Jones thinks we might need...


Why Secure the Database?

You're behind a firewall, you have passwords. Why spend any great amount of time on extra database s...