Click here to monitor SSC
SQLServerCentral is supported by Red Gate Software Ltd.
 
Log in  ::  Register  ::  Not logged in
 
 
 

Security and Honesty

By Steve Jones,

Information is power. That's been a saying I've lived by as a data professional for years. That has guided me to capture additional data in applications, often data business users did not think was important initially. The power of information led me to monitor my servers, and proactively look for ways to improve performance. Using resources like SQLServerCentral allowed me to learn about what others were doing, what worked, and what didn't. The dissemination of information has helped me to have a successful career as a DBA.

When I see articles like this one, where companies are not disclosing the security issues they face, I worry that our industry is not advancing as quickly as it can. It's important for us to share technical challenges and solutions among as many people as possible in technology. Our systems are complex, the sheer number of technologies is overwhelming for any one person or even company. The vulnerabilities, bugs, and attacks outweigh the technologies by far, yet our employers so often do not want to disclose any issues for fear of bad publicity.

It's time that this was required. Every company gets attacked, and probably most get hacked in some way. Rather than pretend that they are invulnerable, make the information public, or at least public to other IT workers. It doesn't have to be a press release from your company, but companies should be required to disclose the problems they've had, the vulnerabilities they faced, and the mitigation measures. I don't want to invite attacks, but I also think that we are building more and more poorly developed applications on top of poorly architected foundations.

Within a reasonable time, companies ought to be forced to disclose the issues. They don't have to fix them, but the disclosure might just encourage them to spend a little more time ensuring that their infrastructure is protected.

Steve Jones


The Voice of the DBA Podcasts

We publish three versions of the podcast each day for you to enjoy.

Everyday Jones

The podcast feeds are available at sqlservercentral.mevio.com. Comments are definitely appreciated and wanted, and you can get feeds from there. Overall RSS Feed: or now on iTunes!

Today's podcast features music by Everyday Jones. No relation, but I stumbled on to them and really like the music. Support this great duo at www.everydayjones.com.

You can also follow Steve Jones on Twitter:

Total article views: 123 | Views in the last 30 days: 1
 
Related Articles
BLOG

Podcasting

A new video setup is on the way!!!! Actually I'll do a couple podcasts on podcasting over the hol...

ARTICLE

Expect an Attack

Most companies in a recent survey expect to get hacked this year. Steve Jones wishes that the techno...

ARTICLE

Podcast Announcements

Podcast Feeds

FORUM

Podcast Problem

Podcast Problem Blocked by group policy

FORUM

injection attack

injection attack to saeed

Tags
editorial    
security    
 
Contribute

Join the most active online SQL Server Community

SQL knowledge, delivered daily, free:

Email address:  

You make SSC a better place

As a member of SQLServerCentral, you get free access to loads of fresh content: thousands of articles and SQL scripts, a library of free eBooks, a weekly database news roundup, a great Q & A platform… And it’s our huge, buzzing community of SQL Server Professionals that makes it such a success.

Join us!

Steve Jones
Editor, SQLServerCentral.com

Already a member? Jump in:

Email address:   Password:   Remember me: Forgotten your password?
Steve Jones