Click here to monitor SSC
SQLServerCentral is supported by Red Gate Software Ltd.
 
Log in  ::  Register  ::  Not logged in
 
 
 

K. Brian Kelley - Databases, Infrastructure, and Security

IT Security, MySQL, Perl, SQL Server, and Windows technologies.

Archives: April 2009

Speaking / Teaching Engagements in May

May 21

I will be teaching a half day course on SQL Server security and auditing for the Midlands Chapter of ISACA.This is a course intended for auditors and will be a technical deep dive on the SQL Server security features and how to audit activity properly. The purpose… Read more

Midlands PASS May Meeting

The Midlands PASS Chapter will be meeting next Thursday night, May 7, at Training Concepts. We have the privilege of welcoming the head of our sister group, the Columbia Enterprise Developer's Guild, Chris Eargle. Chris is a C# MVP and INETA Community Champion.

Bio:

Chris Eargle began… Read more

The #1 Secret to Building Your Skill Set is...

Self-Discipline

Yes, I've said it: self-discipline.

I'm reading a book called Disciplines of a Godly Man by R. Kent Hughes. Now as might be suggested by the title, it is a book that has at its basis, a focus on improving oneself spiritually. However, Hughes doesn't start out the book… Read more

Security Basics: Defense-in-Depth

In my security presentations, another basic I talk about is defense-in-depth. The idea here is to produce multiple layers of protection against a particular attack. For instance, imagine malicious code against your home computer. This is a case where you likely already practice defense in depth, as this illustration shows.… Read more

SQL Quiz 4: Leadership

I'm finally getting around to answering this one originated by Chris Shaw (@SQLShaw), as I was tagged by Jack Corbett (@unclebiguns) earlier. In addition, Chuck Boyce (@chuckboycejr) tagged me on Friday, so I figured I had better offer some response or fall off the "SQL hotness" chart, as… Read more

Patterns & Practices SIG starting up in Columbia, SC

C# MVP Chris Eargle (@kodefuguru on Twitter), who is also an INETA community champion and president of the Columbia Enterprise Developer's Guild, is starting up a patterns and practices special interest group (SIG) here in Columbia, SC. As with our Midlands PASS Chapter meetings, this group will meet… Read more

SQL Server Security Basics: Why Would I Use SQL Server Authentication?

The standard best practice answer when it comes to connecting to SQL Server is to use Windows authentication. However, SQL Server-based authentication exists, and there are some times when it's a best practice (or only practice) to use it. Wait a second... what do you mean by having two best… Read more

Simple Maintenance Tasks for Non-Production Databases

Log File Sizes:

It's not unusual to see cases where database backups are taken from production and restored to a development or QA environment. Often times the database in production requires point-in-time recovery, meaning we set it up to use full recovery mode. However, when it goes to non-production, there is no need for that… Read more

Catalog View: sys.sql_logins

 When it comes to logins to SQL Server, there are basically 3 types:

  • SQL Server-based logins
  • Windows user accounts
  • Windows security groups

The latter two we have limited control. We can grant them the ability to connect to SQL Server and we can then make them users within the databases.… Read more

SQL Server Security Basics: Logins vs. Users

 When I discuss SQL Server security, one of the basic concepts I concentrate on is the difference between logins and users with respect to SQL Server. As of SQL Server 2005, Microsoft introduced new terminology, that of server and database principals. So the mappings look like:

  • login = server principal

Read more

Security Basics - The C-I-A Triad

In the course of giving my security presentations over the past year, I've learned that quite a few folks have never seen the C-I-A triad before. The C-I-A triad stands for:

  • Confidentiality
  • Integrity
  • Availability

It's often illustrated using a triangle like so:

 

 The C-I-A triad forms the basis of how… Read more

Getting Started with Technical Presentations

I was talking with a gentleman last night after the Greater Charleston .NET User Group about career development. He's not currently a DBA, but that's what he wants to go in his career. Since DBA work isn't his day-to-day job, he asked for ideas about how to keep his skills… Read more

It's a .NET World!

Next week I'll be giving presentations in Charleston and in Florence here in South Carolina.

Tuesday, April 14, 2009 - Pee Dee Area .NET User Group - Getting the Most Out of Your SQL Server Queries

You can register and find directions at the PDANUG web site (http://www.pdanug.net/).… Read more

Midlands PASS Meeting Tonight!

Next Meeting - April 2, 2009

SPEAKER: Paul S. Waters

During Paul’s 16 years of working in IT, he has held a variety of positions including Director of IT, application developer, network administrator and help desk manager. He is a business intelligence architect for AMECO in Greenville, SC working with…

Read more