If you were putting together a security awareness training program for developers, what aspects of SQL Server security would you include? Keep in mind that most awareness training classes are 1-2 hours maximum, so "everything" isn't a feasible answer. What would be most important for the developers to understand, in your opinion? Some starter subjects: use of ownership chaining, data handling best practices, encryption.
IT Security, MySQL, Perl, SQL Server, and Windows technologies.