Unless James Bond is in the picture, security is usually not a sexy topic. However, we all lament the lack of security when it directly affects us or when the amount of security is an encumbrance which provides no perceivable benefit. That's why I put a full down pre-con session for SQL Rally together to get it right with respect to SQL Server. And this pre-con isn't just for SQL Server professional types, either. It's also for the audit and security types and it may provide 8 hour of CPEs for their current certifications (I need to verify this).
Vote for your choices at the PASS SQLRally event page.
So what's my pre-con all about? My learning objectives are that you come away with a knowledge of:
Here's the abstract which describes what we'll cover:
In this pre-conference seminar, we will look at best practices and practical methods for securing and auditing Microsoft SQL Server. We'll start from the operating system and work our way into SQL Server itself down to the object and column level. In this full-day class, you'll come away with a solid understanding of general security principles and how to apply them to your SQL Server installations, how attackers like to go after servers and database servers in particular, the security model for the Microsoft SQL Server database engine, how it interacts with the Windows operating system, which security features are available in each version and edition of SQL Server, how to audit for permissions, rights, and data access across SQL Server 2000 through 2008, how to properly report and alert on suspicious or unusual activity, and finally, what encryption options are available within SQL Server.
And here's the schedule: