
K. Brian Kelley - Databases, Infrastructure, and Security

Author Bio
Brian is a SQL Server author, columnist, and Microsoft MVP focusing primarily on SQL Server security. He is a contributing author for How to Cheat at Securing SQL Server 2005 (Syngress) and Professional SQL Server 2008 Administration (Wrox). Brian currently serves as a database administrator / architect for AgFirst Farm Credit Bank where he can concentrate on his passion: SQL Server. He previously was a systems and security architect for AgFirst Farm Credit Bank where he worked on Active Directory, Windows security, VMware, and Citrix. In the technical community, Brian is president of the Midlands PASS Chapter, an official chapter of PASS. Brian is also a junior high youth minister at Spears Creek Baptist Church in Elgin, SC.
October 2008 - Posts

Miramar User Group and SQL Saturday Presentations


Here are the two presentations from last week. On Thursday I went to Miramar, Florida and presented Fortress SQL Server. This is a new presentation in which I tried to tie in some of the business aspects and concerns with regards to presenting our cases to business and our end users as to why we need resources for a security effort. That presentation wasn't one of my best, unfortunately. Special thanks to the brave souls who came out despite the weather. Hopefully you got something out of the presentation and I apologize for being late!

 Fortress SQL Server Presentation (zipped)

On Saturday I helped out with SQL Saturday #8 in Orlando and presented an updated Protecting Your SQL Server from Treasure Seekers to add content for SQL Server 2008, including using Policy Management for surface area configuration. I also got to meet up and talk at length with some great folks. Got to catch up with Andy Warren and Steve Jones and finally met Jack Corbett from the SQL Server Central forums and Robert Cain (twitter ArcaneCode). Jack, Robert, and I helped get lunch set up and ran the lunch lines although Jack admittedly did most of the work. Also got to talk more with Plamen Ratchev, who I had met earlier in the week.

Protecting Your SQL Server from Treasure Seekers (zipped)

 


Out of Band Security Bulletin Release for Microsoft Windows


Microsoft tries to stick with the second Tuesday for security bulletin releases and has only released out-of-band a handful of times since going to that release cycle. Well, today's the day as it looks like another out-of-band release will come out:

Microsoft Security Response Center blog post

Microsoft Security Bulletin Advance Notification release

The information provided indicates it's a remote code execution vulnerability affecting Microsoft Windows that's rated critical.


"The work never matches the dream of perfection the artist has to start with."


I know, another non-technical blog post. But this one is career-related as well.

In high school I was introduced to William Faulkner, one of the greats in American literature. The president of the South Carolina Governor's School for Science and Mathematics then, Dr. Lee Cox, co-taught my 1st semester Special Topics in English class. He introduced us to Faulkner and I both loved and hated this American lit. giant. I loved him because his work was outstanding. I hated him because I was going to be tested on said work (and Dr. Cox was sure to test us in a way that proved we knew the work). Faulkner is the one who gave us the following quote, "The work never matches the dream of perfection the artist has to start with." As someone who has endeavored to write and improve my writing, I would agree wholeheartedly with Faulkner's view. So why write?

One of the biggest gaps technicians face is how to explain deeply technical problems and issues to less technical folks, whether they be end users, junior technical personnel, or management. When put on the spot, say at a project meeting or when something catastrophic has happened, if we've not developed an ability to communicate effectively our technical concerns in a manner which others can understand, likely we'll only make the situation worse. Been there, done that, and my dresser drawer is overflowing with the t-shirts. At times it's something I struggle with even now, even though I realize the importance of bridging the communication gap.

One great way to improve our ability to present technical things in a way for an audience to understand is to write. At first, writing about technical subjects for a technical audience is a good way to build our confidence and ability. It ensures we know what we're talking about. It helps us develop proper grammar, spelling, editing, and an overall readable output. Whether this writing be in email messages, in technical documentation, or in articles on a community site, simply practicing the art of writing with the intent to improve will help greatly. As we get better at writing in general, we can branch out to what for us are more difficult audiences, such as non-technical readers. The better we're able to communicate with those other than the "uber-techs," the more influence we'll have, the more our opinion is likely to be valued, and the more likely our concerns will be heard, understood, and respected.

So that's writing. How does that help with those project meetings? Well, the more we practice how we communicate, the better we get at it. Therefore, learning how to write well will help us speak well, too. And that leads back to getting our point across, having that point be respected and considered, and really, that's all we can ask, right? To further reinforce this point, I'll refer to one of the pieces of advice I was given by a Competent Toastmaster (now called a Competent Communicator) when I first started in Toastmasters: write my speeches down. His point wasn't that I write my speech and memorize it. Rather, by writing a speech down and practicing it from the written script I would become more familiar and comfortable with what I was going to say. And as a result, I would be better able to give the speech without notes. This is essentially what we do when we are on the spot at a project meeting. If we've taken the time to write out our concerns, our thoughts, etc., when it comes time to verbalize them, we'll be better equipped to do so. And the better we write, the better we'll speak.

To this end I'm endeavoring to write some every day. Monday through Friday I am committed to write a devotional based on my faith. I've been inconsistent in recent months and that needs to change. But I also want to ensure I'm writing a lot more professionally (and not just blog posts, either). And I want to work on personal writing projects, especially delving back into poetry. I've often heard it said that great writers write every day. I know that when I was at The Citadel and a member of the Regimental Band and Pipes, the band director, Major Day, brought in this tuba player who used to play with the President's Own. That old tuba player said the secret to his success was practicing every day. Practicing, even if it was for as little as 15 minutes. Practicing, even when one was sick and didn't feel like it. This kind of ties in with Steve's editorial and I think that's what spurred on this post. But in any case, I want to make sure I'm writing in at least two of those channels each and every day. Even if it's for only 15 minutes. To go back to Faulkner's quote, our work may not match our imagination, but still, we must endeavor to keep trying for that dream of perfection. It's the only way our work will ever progress towards what we see in our minds' eyes.

 


"To Lead Is To Follow"

By K. Brian Kelley in K. Brian Kelley - Databases, Infrastructure, and Security 10-20-2008 12:40 AM

I first ran across these words as a Citadel cadet. Now those who know of my days at El Cid know that I was far from a model cadet. I spent a lot of time just beating or ignoring the system. Part of it was some significant issues going on in my personal life that to this day I have a hard time sharing. And part of it was that was where the intellectual challenge was. Or so I thought. But as much as I tried to beat the system, one area I paid careful attention to was anything to do with leadership because I was certain I would pursue a 20 year career as an Air Force officer. And I knew for the good of the men and women appointed underneath me, I needed to be the best leader I could be. I can thank my father, a retired Marine GySgt, for instilling that belief in me.

The basic concept which is usually cited for this saying is that to be a good leader, you've got to be one who understands part of your job is to take care of your troops. Yes, the mission is always first. But if you don't take care of the people who serve with you, there won't be anyone around to help you accomplish said mission. The examples my father gave me were the stories of gloryhounds from Viet Nam who would get their troops killed obtaining some objective when there was a sounder way to get the mission done. But this saying goes beyond just keeping your troops from getting killed. It also means seeing and trying to provide for their needs. For instance, one example we were given was that if you had time to explain the why, you did. That way your troops built up a trust in you that when you didn't have time, they executed, believing you had the best interest of the mission and them in your heart. But it also meant helping each person be better. Not only be better from the job perspective, but from the overall person perspective. You encouraged them as they pursued education opportunities like college, off-duty endeavors like volunteering, and putting the time in to try and make their family life (always hard in the military) work.

That's why I smiled when I read a Rajesh Setty post from a couple of years ago. Part of "to lead is to follow" is also understanding that you need to be able to follow in order to be able to properly lead. This is a facet The Citadel taught. After all, looking at it from just a Citadel TO&E, the platoon commander reports to the company commander. The company commander reports to the battalion commander. And the battalion commander reports to the regimental commander. The regimental commander is ultimately responsible to the administration at The Citadel. So everyone in a position of authority and leadership is a follower of someone in a higher position of authority and leadership. If you're not a good follower, you're not going to be able to take their orders and "make it your own." And this is the area I struggled with the most at The Citadel.

So what does this have to do with IT or databases? Quite simply, a lot of IT folks are intelligent, driven people. They are "hard chargers" who are more than capable of thinking on their own. A lot of our conflicts come about because we're wanting to be leaders, to have it done our way, and we think we can do it better than the current plan. Maybe that's true. But if we're always proposing the new and improved plan, we're not executing on any plan. And our projects stall and folks get upset and money and time and resources get wasted. So sometimes in order to lead, we must follow. We must step back, assess the plan in place and if it's good enough, we execute. If it isn't, we raise our concerns. If we're told to make it happen anyway, then we face a choice. We either find a new place of employment or we execute the plan. In the military that first option isn't available. But in a civilian job it is.

One caution, though. We don't know it all. And sometimes the person telling us to execute despite our objections knows more than we do. That goes back to the first part of "to lead is to follow." Has that person proven he or she is worth our trust? "To lead is to follow" is a double-edged sword. If we realize the implications of the saying whether we are the leader or the follower, our projects and our work efforts should be smoother.

 


Speaking in West Palm Beach and Orlando

I have two speaking engagements for the week of October 19:

South Florida SQL Server User Group - West Palm Beach - October 23, 2008

http://www.gcsqlgroup.com/

I'll be giving a presentation called Fortress SQL Server, which looks at how to best utilize SQL Server security features. The audience is DBAs and developers and covers features from SQL Server 2000 through SQL Server 2008.

 SQL Saturday #8 - Orlando - October 25, 2008

http://www.sqlsaturday.com/

I've updated my Protecting Your SQL Server from Treasure Seekers presentation to include SQL Server 2008. The audience covers all three arenas of technical folks: system administrators, developers, and DBAs. It also looks like I'm working as part of the lunch crew as a volunteer. That should be a blast. When I have time, I love to volunteer because you meet more folks and you feel like a greater part of a successful event. If you think you might be able to help, it wouldn't hurt to drop a line to Andy Warren to see if they can use you some place.

 


Red Gate SQL Response Review is up


Full Disclosure: I did receive a trial version of the software and payment for the review. I am also a Friend of Red Gate.

I recently had the opportunity to review Red Gate's new monitoring tool, SQL Response. It's a nice simple application that keeps track of the basics. If you've got a larger monitoring system like Argent or System Center, it's probably not going to do much for you. However, if you're a small shop or you're a multi-tasked administrator, you might give it a look. You can read my review right here at SQL Server Central.

 


What I'm Reading (5 Oct 2008)


Technical: Counter Hack Reloaded by Ed Skoudis with Tom Liston

It's a security book and I'm rather late getting a review of it written for PASS. Ed Skoudis is also a well known instructor in the security field and considered an expert by many. Therefore, anything that makes me sharper on security in today's uncertain world is a must.

Personal Growth: The Exemplary Husband by Stuart Scott (not the ESPN analyst)

This book presents a Biblically based account on how to be a better husband. Servant leadership, sacrificial love for one's wife, and setting the example in humility, gentleness, tenderness, but also strength and courage are the marks of a husband who strives to follow Christ's example. This is very different than how some present the role of the husband, but it's very much in line with Scripture. Anything I can do to be a better husband to my wife is something I need to do.

For Fun: Complete Defense to King Pawn Openings by Eric Schiller

I despise the Caro-Kann when facing it over the chessboard. It's a solid opening and it has always given me fits. Since I'm primarily a 1. e4 player as White, I must be prepared to face it. So I'm looking at it from Black's perspective to understand where the problem points are so I can both teach it to my oldest son (it matches his style of play) and attack it in over the board play.

 


Thanks to Andy Leonard

Midlands PASS was privileged to host SQL Server MVP Andy Leonard (Blog #1, Blog #2, his VSTS site, Twitter) tonight as he gave a presentation on change data capture in SQL Server 2008. I hope the group got a lot out of his presentation as he didn't just talk about how to do incremental loads in SQL Server 2008, but also briefly covered how you do it in SQL Server 2005, how you tweak SSIS in 2005 for faster performance and to get back correctly all the rows you need, and how you build structures within the relational engine databases to ensure you're only pulling what's changed and not everything and filtering after the fact. In other words, it wasn't just a new SQL 2008 technology presentation, but it also covered a core data warehousing concept not only in theory, but in practice, too.

After the meeting Andy stayed around to talk even though he's teaching a class tomorrow and then faces a long drive back up to Virginia and then a very early drive Saturday morning to make Richmond Code Camp. We spent a lot of time talking about how to build up the community, how to find a proper balance between work / life / community, and just life in general. It was really good to meet and talk with someone else from our technical community, especially one I respect so very much. I don't know how much Andy got out of the discussion, but he gave me some solid advice, was a sounding board on a couple of things that had been weighing on me, and was able to convey his life experiences in a few similar situations. 

One of the things my father, a retired Marine "gunny" (short for Gunnery Sergeant, or E-7 in the rank structure) taught me before I pinned on shiny new second lieutenant bars was to learn from those around me who have experience. Specifically he told me to look out for and gain the respect of the senior enlisted and the staff non-commissioned officers (NCOs). He advised me that if I was smart I would value their opinion and knowledge because chances were that anything I was considering they had already thought about and had seen some "butter bar" go off and do and get in a world of trouble as a result.  I tried to apply that lesson in my Air Force career and I credit the success I had as a company grade officer to the enlisted corps who looked out for me, gave me sound advice, and were in my corner when I needed it. Speaking with Andy reminded me a lot of that experience (as does any conversation I have with Andy Warren, and you know, both are former Army... hmmmm). 

 Thanks, Andy, for coming out to speak to our user group, for talking with the members afterwards, and for the talk we had even after that. 


Reminder - MVP Andy Leonard Midlands PASS!


Speaker: SQL Server MVP Andy Leonard

Midlands PASS Chapter - October 2, 2008 Meeting

 

The Midlands PASS chapter will hold our normally scheduled meeting on Thursday, October 2, 2008, to host SQL Server MVP Andy Leonard. Andy is a mentor with Solid Quality Mentors and an expert in application architecture, SQL Server development, and SQL Server Integration Services (SSIS) in particular. He will present on Incremental Loads, Change Data Capture, and SSIS 2008.

The meeting will once again be held at Training Concepts off of Berryhill Road. We will begin our meet and greet time at 6:15 PM as usual and start at 6:45 PM. Please feel free to forward this to anyone who you think would be interested in attending. If you haven't already done so and plan on attending, please RSVP (kbriankelley {at} acm {dot} org) as soon as possible so we can ensure we have enough space and food. If you have time to help with setup, please email me and we'll plug you in!

Abstract:

Change Data Capture is a new SQL Server 2008 feature. One benefit of CDC is data filtering for Incremental ETL in SSIS: only touching rows that are new, updated, or have been deleted! In this presentation I walk through enabling Change Data Capture in SQL Server 2008, then present an overview of an SSIS package that utilizes Change Data Capture to perform Incremental ETL.

Bio:

Andy Leonard is a Solid Quality Mentor, SQL Server database and Integration Services developer, SQL Server MVP, and engineer. He is a co-author of Professional SQL Server 2005 Integration Services, Professional Software Testing with Visual Studio 2005 Team System: Tools for Software Developers and Test Engineers, MCITP Self-Paced Training Kit (Exam 70-441): Designing Database Solutions by Using Microsoft SQL Server 2005, and the recently-released e-book Mastering Visual Studio Team System Database Edition - Volume 1. Andy founded and manages VSTeamSystemCentral.com and maintains two blogs there: Applied Team System and Applied Business Intelligence. He also blogs for SQLBlog.com. Andy's background includes web application architecture and development, VB, and ASP; SQL Server Integration Services (SSIS); data warehouse development using SQL Server 2000 and 2005; and test-driven database development.