Andy Leonard (blog | twitter) and I are teaming up to do a security presentation today on SSIS. It's scheduled for 11 AM EDT.
Register to attend the webinar!
I'm going to go ahead and post a copy of the slides here before the presentation. There's nothing earth-shattering about the questions I'm asking. They should be ones you consider if you're working with sensitive data.
May 29th SSIS Security Presentation
We're going to look at the typical ETL (Extract, Transform, Load) pipeline and consider the weak points an attacker might go after. Our goal in this isn't to cause FUD (Fear, Uncertainty, and Doubt), but to discuss risks at each point, options for protecting the vulnerability, and what we've seen typically done (if anything). This is in keeping with one of the goals of Linchpin People:
"The way we make that investment is through building a stronger SQL community by sharing our experience and knowledge with our customers, partners, colleagues and even our competitors."
If you have questions or points you'd like to be discussed with regards to securing the ETL pipeline, drop me an email prior to the webcast at brian {dot} kelley {at} linchpinpeople {dot} com.
