-->
Click here to monitor SSC
SQLServerCentral is supported by Redgate
 
Log in  ::  Register  ::  Not logged in
 
 
 

Databases – Infrastructure – Security

Brian Kelley is an author, columnist, and Microsoft SQL Server MVP focusing primarily on SQL Server security. He is a contributing author for How to Cheat at Securing SQL Server 2005 (Syngress), Professional SQL Server 2008 Administration (Wrox), and Introduction to SQL Server (Texas Publishing). Brian currently serves as an infrastructure and security architect. He has also served as a senior Microsoft SQL Server DBA, database architect, developer, and incident response team lead.

New Article – Application Database Security Design (Part 1 – Authentication)

In conjunction with the webinar I gave last month for MSSQLTips, I’ve started an article series on application database security design.

Read Part 1 – Authentication for SQL Server

The issue with a one hour webcast is one can’t cover a broad topic like application database security design in any… Read more

1 comments, 1,244 reads

Posted in Databases – Infrastructure – Security on 6 March 2017

Database Security Webinar Today (Feb 23)

Today at 3 PM EST I’m giving a webinar on designing a successful database security model with SQL Server.

Register Here for Free (you can also register for other upcoming MSSQLTips webinars)

Here’s what I’ll be covering:

You’re building a new application using SQL Server as a back-end and you… Read more

0 comments, 144 reads

Posted in Databases – Infrastructure – Security on 23 February 2017

Giving a Security Webinar on Thursday

On Thursday, February 23rd at 3 PM EST I’m giving a webinar on designing a successful database security model with SQL Server.

Register Here for Free (you can also register for other upcoming MSSQLTips webinars)

Here’s what I’ll be covering:

You’re building a new application using SQL Server as a… Read more

0 comments, 87 reads

Posted in Databases – Infrastructure – Security on 21 February 2017

Career Corner: Go Beyond Networking

Networking with others is good for your career. You should do it. Don’t stop there. Keep going.

Networking builds contacts and associates you can reach out to with respect to your technical discipline. You need these to grow effectively in your career.

However, networking typically stops at the technical side.… Read more

0 comments, 249 reads

Posted in Databases – Infrastructure – Security on 25 January 2017

Grateful to have been a Microsoft MVP

A couple of weeks ago I received the disappointing but expected news that I wasn’t renewed as a Microsoft Data Platform MVP. I say expected because I knew my ability to give back to the community had been greatly diminished over the later part of 2015 and into 2016. Between… Read more

0 comments, 214 reads

Posted in Databases – Infrastructure – Security on 2 January 2017

Reminder – Geek Sync Today!

Today (December 14, 2016) at 12 PM Eastern I’m giving a webinar on preparing for your SQL Server farm for the holidays.

Registration: Geek Sync – Surviving the Holidays with SQL Server

Here’s what I will be covering:

It’s the end of the year and you want to have a… Read more

0 comments, 140 reads

Posted in Databases – Infrastructure – Security on 14 December 2016

Geek Sync Tomorrow: Surviving the Holidays with SQL Server

Tomorrow (December 14, 2016) at 12 PM Eastern I’m giving a webinar on preparing for your SQL Server farm for the holidays.

Registration: Geek Sync – Surviving the Holidays with SQL Server

Here’s what I will be covering:

It’s the end of the year and you want to have a… Read more

0 comments, 116 reads

Posted in Databases – Infrastructure – Security on 13 December 2016

Happy Thanksgiving

It’s Thanksgiving again here in the United States. Throughout the years, the IT community has been awesome. I have been blessed by you all. I can certainly point to milestones in my career and list the folks who have helped me get to each one. 

But outside of work and… Read more

0 comments, 188 reads

Posted in Databases – Infrastructure – Security on 24 November 2016

Webinar Available On Demand – Building an Auditing Framework for SQL Server

Recently I gave an introductory webinar on how to build an auditing framework for SQL Server. The focus was for those tasked with auditing SQL Server on a regular basis and needing some ideas of how to get started. I talk through some of the challenges as well as what… Read more

0 comments, 250 reads

Posted in Databases – Infrastructure – Security on 19 October 2016

Webcast Tomorrow: Building an Auditing Framework for SQL Server

Faced with auditing SQL Server on a regular basis with no 3rd party tools? Where do you start? That’s what this webcast is on. Come watch on October 13, 3 PM Eastern time. 

Webcast: Building an Auditing Framework for SQL Server
There will be some code samples, but this is… Read more

0 comments, 220 reads

Posted in Databases – Infrastructure – Security on 12 October 2016

Reminder: Webinar today

This is a reminder that I’ll be giving a webinar today on managing SQL Server Agents jobs in a SQL Server Farm. Here are the details:

Webinar: Managing SQL Server Agent Jobs Across Your SQL Server Farm

On Thursday, September 8, at 3 PM EDT, I’ll be doing a webinar… Read more

0 comments, 165 reads

Posted in Databases – Infrastructure – Security on 8 September 2016

Reminder: #SQLChat at lunch today

This is a reminder that we’ll having a #SQLChat this afternoon at 12 PM EDT. Here are the details:

SQLChat: Do You Manage Multiple Servers?

On Wednesday, September 7, at 12 PM EDT (11AM CDT), we’ll be doing a #SQLChat covering managing multiple SQL Servers and how people handle dealing… Read more

0 comments, 248 reads

Posted in Databases – Infrastructure – Security on 7 September 2016

SQLChat on Wednesday, Webinar on Thursday!

I’m participating in two community activities this week. One is a #SQLCchat on Twitter and the other is a webinar through MSSQLTips.

SQLChat: Do You Manage Multiple Servers?

On Wednesday, September 7, at 12 PM EDT (11AM CDT), we’ll be doing a #SQLChat covering managing multiple SQL Servers and how… Read more

0 comments, 179 reads

Posted in Databases – Infrastructure – Security on 6 September 2016

I wrote a SQL Server auditing whitepaper!

I recently collaborated with Idera to produce a short whitepaper on the top 5 things to audit in SQL Server (database engine). You can grab it for free here (registration required):

Whitepaper: Top 5 Items to Audit in SQL Server

None of this is earth shattering. The whitepaper contains the… Read more

0 comments, 364 reads

Posted in Databases – Infrastructure – Security on 27 July 2016

Not More Than 16 Characters?!?

Microsoft, you’re killing me. This is the warning I received when typing in a password for Office 365:

I blinked when I saw the warning, “Your password can’t be longer than 16 characters.” I couldn’t believe that I had gotten that warning, so I erased what I had typed for… Read more

7 comments, 2,599 reads

Posted in Databases – Infrastructure – Security on 10 June 2016

Protecting Against Delete without Where

If I’m doing any manual work with T-SQL, I always begin every set of data change operations with BEGIN TRAN and I have the COMMIT TRAN commented out at the end of my script. Why?

Quite simply, because I’m wary of having a DELETE clause without a proper WHERE clause.… Read more

7 comments, 3,411 reads

Posted in Databases – Infrastructure – Security on 9 June 2016

A Different Type of Currency

Recently, a member of the community lamented that folks weren’t willing to provide an email address for free training. This reminds me of an old saying popularized by Heinlein, but one that was used a lot in the Perl community: TANSTAAFL (There Ain’t No Such Thing As A Free Lunch).… Read more

1 comments, 270 reads

Posted in Databases – Infrastructure – Security on 9 June 2016

Slides from 2016 Techno Security & Mobile Forensics Conference

I’ve completed both of my presentations at the 2016 Techno Security and Forensics Investigation Conference (#technosecurity). If you were able to make it to one of my talks, thank you for choosing to spend your time with me. While my slides will be available from the conference site,… Read more

0 comments, 306 reads

Posted in Databases – Infrastructure – Security on 7 June 2016

Sights that just scream, “No!”

I’m at a conference, specifically a security conference. So I looked at the available WiFi connections. Among the conference and hotel specific connections and the MiFi and cellphone uplinks I spotted this one:

That just screams, “No!” TANSTAAFL.


Read more

0 comments, 280 reads

Posted in Databases – Infrastructure – Security on 7 June 2016

Congrats to MSSQLTips on 10 Years!

MSSQLTips has posted about their 10 years as a resource to the SQL Server community. It’s where I do the bulk of my writing these days, mainly because I like the problem/solution format. However, the folks at MSSQLTips didn’t just write to acknowledge their 10th birthday. 

They also posted… Read more

0 comments, 296 reads

Posted in Databases – Infrastructure – Security on 6 June 2016

Older posts