What happens if we can't access the Internet? We should be prepared, at home and work. Steve Jones has a few comments.  Read more...

Security is a complex process, one that is becoming more and more important to DBAs all the time. This week Steve Jones wants to know how security is handled for your service accounts.   Read more...

No matter what we do to secure our databases, we need to be sure our applications are well written, both with secure coding, but also good information handling.  Read more...

The potential vulnerabilities of wireless devices might be a security issue for databases.  Read more...

This week Steve Jones looks at a new idea, rating the security of products publicly to try and shame vendors into more secure coding.  Read more...

Today Steve Jones notes that back doors could be inserted into chips, which would be a huge problem.  Read more...

With AD Authentication via groups, SQL Server is vulnerable to orphaned Windows users' logins being added to SQL Server at a later date. This article gives an improved user audit script that detects orphaned DB Users and also a delete script.  Read more...

In SQL 2016 several new security features gets introduced which will help users to protect their data in many ways. New security feature Row Level Security (RLS) which implements the security inside the database itself, not at application level.  Read more...

Not more hacking, but rather a data error in some cars is disturbing to Steve Jones.  Read more...

Are DevOps and security diametrically opposed? An interesting pieces says no, and Steve Jones comments.  Read more...

One of the things that will be debated quite a bit in the next few years will be the penalties for data loss.  Read more...

Dealing with SQL Server security when the application it uses is full of security holes.  Read more...

Using roles for security is a best practice that Steve Jones espouses.  Read more...

It's possible to perform a man-in-the-middle attack against SQL Server. Steve Jones notes you should be aware these attacks could take place inside of your network.  Read more...

Oracle offers a number of security-related settings, but one could definitely create more harm than good. David Fitzjarrell looks at which parameter that is, and why.  Read more...

Today Steve Jones looks at the security enhancements in SQL Server 2016  Read more...

In a previous article, we discussed how to liberate the DBA from SQL Logins with AD Groups. A good point was raised: How can the DBA know who has what access? Here is a solution.  Read more...

Passwords are always a challenge, but are bad passwords the users' fault? Steve Jones has a few thoughts.  Read more...

Steve Jones talks about the timeframes for updating and fixing security problems in applications.  Read more...

Public records have been open in the past, but today's digital access might mean problems.  Read more...