Click here to monitor SSC
SQLServerCentral is supported by Red Gate Software Ltd.
 
Log in  ::  Register  ::  Not logged in
 
 
 

Databases – Infrastructure – Security

Brian Kelley is an author, columnist, and Microsoft SQL Server MVP focusing primarily on SQL Server security. He is a contributing author for How to Cheat at Securing SQL Server 2005 (Syngress), Professional SQL Server 2008 Administration (Wrox), and Introduction to SQL Server (Texas Publishing). Brian currently serves as an infrastructure and security architect. He has also served as a senior Microsoft SQL Server DBA, database architect, developer, and incident response team lead.

Women in Technology

Warning: rant forthcoming.

I don’t get the women in technology problem. Oh, I understand and see the problem. I also understand and see the problem is primarily with men. I just don’t get why there is a problem. 

Maybe the reason I don’t get the problem with women being our… Read more

10 comments, 5,071 reads

Posted in Databases – Infrastructure – Security on 18 March 2015

Why You Shouldn’t Skip the Infrastructure/Security Architecture Review

It’s not usual for development projects to undergo an architecture review, but too many times these reviews consist only of developers. There are no server or network folks, much less any DBAs or security personnel. When I’ve brought this up to some of my developer friends, they wonder what the… Read more

0 comments, 4,689 reads

Posted in Databases – Infrastructure – Security on 9 March 2015

My Upcoming Speaking Engagements

March 4 – Charleston PASS, Charleston, SC

What Admins Absolutely Must Know About SQL Server Security

There are so many security tips out there for SQL Server. Almost all of them are rated as a best practice. What do you listen to? What do you focus on? In this… Read more

0 comments, 127 reads

Posted in Databases – Infrastructure – Security on 26 February 2015

SQL Saturday #354 – Charleston, SC is almost here!

If you are relatively near to Charleston, SC, there’s a SQL Saturday there this weekend, December 13th!

SQL Saturday #354 – Charleston, SC

Looking at the speaker list, if you’re able to attend you’ll get top notch training for FREE! For instance, the SQL Server Legend, Kevin Kline,… Read more

0 comments, 124 reads

Posted in Databases – Infrastructure – Security on 9 December 2014

FUD Makes Security Harder

The US government’s illogical screeds against better personal encryption for data and communications is well documented. Then comes this reported communication:

Department of Justice: iPhone encryption will lead to the death of a child

I’m hoping the quote given in the article is completely out of context. However, previous statements,… Read more

0 comments, 141 reads

Posted in Databases – Infrastructure – Security on 20 November 2014

More on that Cyberwar

As a follow-up to my post on being at war, cyberwar:

State Department Hacked

If the experts are correct, this trend is only going to continue. Reading the article and others on the same situation, they all note that the unclassified email had been hacked, but not classified. That’s… Read more

0 comments, 191 reads

Posted in Databases – Infrastructure – Security on 18 November 2014

We’re at War – Cyberwar

In case you’ve not been following the news with regards to *government* breaches:

All three of these news articles released within the past few weeks. The reality is that our networks… Read more

1 comments, 254 reads

Posted in Databases – Infrastructure – Security on 13 November 2014

Speaking at SQL Saturday #354 – Charleston, SC

If you’re looking to warm up for the winter, come on down to Charleston, SC, on December 13, 2014. Charleston will be hosting its second SQL Saturday. Why Charleston?

Read more

0 comments, 246 reads

Posted in Databases – Infrastructure – Security on 12 November 2014

Generalists vs. Specialists

I’ve stated quite often that being a generalist has generally been beneficial for my IT career (pun intended). That’s why I developed the professional development presentation, The Swiss Army Knife of DB Pros. It is also why I continue to bounce back and forth between technology areas rather than… Read more

17 comments, 6,812 reads

Posted in Databases – Infrastructure – Security on 6 November 2014

Consolidating Email Accounts

I am consolidating my professional email accounts into one place. If you’ve previously contacted me using my linchpinpeople.com or either of my sqlpass.org email accounts, please use this instead:

kbriankelley

{at}

acm

{dot}

org

I have been slow to respond at times to the other accounts, because I don’t check… Read more

0 comments, 198 reads

Posted in Databases – Infrastructure – Security on 21 October 2014

SQL Server Security Benchmarks

If you’re not familiar with the Center for Internet Security, here’s the organization’s mission statement:

The Mission of the Center for Internet Security is to enhance the security readiness and response of public private sector entities, with a commitment to excellence through collaboration.

CIS produces consensus-based, best practice secure…

Read more

0 comments, 187 reads

Posted in Databases – Infrastructure – Security on 20 October 2014

#TSQL2sday #59 – My Heroes

Here is my list of heroes for #TSQL2sday. None of them are directly tied to technology, much less SQL Server. However, all of them have made a deep impact on my life. I am where I am today because of these nine.

1. James Tiberius Kirk

I start my… Read more

0 comments, 146 reads

Posted in Databases – Infrastructure – Security on 14 October 2014

Slides and Code for SSIG Talk

Thank you for those who made it out to the SQL Server Innovators Guild last night in Greenville, SC. I hope you enjoyed the talk and that it’ll create conversations about how we better secure the ETL pipeline. With attacks against data becoming more and more prevalent, I only see… Read more

0 comments, 197 reads

Posted in Databases – Infrastructure – Security on 8 October 2014

Carolina Technology Conference: Presentation Materials

For those able to attend my session at this year’s Carolina Technology Conference, thank you! As promised, here are the slides, sample code, and audit scripts from my presentation on What You Absolutely Must Know about SQL Server Security:

ZIP file: What You Absolutely Must Know about SQL Server… Read more

0 comments, 226 reads

Posted in Databases – Infrastructure – Security on 6 October 2014

The Fallacy of Internal Access Only

In the wake of Shell Shock, I’ve seen some vendor advisories indicate that while their product is vulnerable, it’s only through the management interface but everything is okay because if best practices have been followed, the management interface isn’t/hasn’t been exposed to the Internet.

No, everything is not okay.… Read more

2 comments, 6,214 reads

Posted in Databases – Infrastructure – Security on 30 September 2014

Four Things PASS gets Right

PASS has taken a lot of heat recently. A few folks have pointed out that you only seem to hear when people are upset at PASS at something. So here’s my take on what PASS has done correctly.

The Summit

The Summit is a premier conference for SQL Server professionals.… Read more

0 comments, 6,256 reads

Posted in Databases – Infrastructure – Security on 24 September 2014

[Off-Topic] Beating Childhood Cancer

Note: I feel this post is important enough to post across all my blogs.

September is Childhood Cancer Awareness Month here in the USA. Here are some statistics:

  • In 2014, an estimated 15, 780 children (ages 0-19) will be diagnosed with cancer in the USA.
  • In 2014, an estimated…

Read more

0 comments, 176 reads

Posted in Databases – Infrastructure – Security on 9 September 2014

Audit Webinar Tomorrow (4 September 2014)

I will be given a webinar on how to audit SQL Server through MSSQLTips.com.

Webinar Registration Link

The abstract:

Don’t become a statistic. With the numerous data breaches and internal data theft, securing your SQL Server environment can help keep your company out of the news. Unfortunately, a… Read more

0 comments, 189 reads

Posted in Databases – Infrastructure – Security on 3 September 2014

4 Attitudes I Wish I Had Earlier as a DBA

I was tagged by Mike Walsh (blog | twitter) in his post 4 Attitudes I Wish I Had Earlier As a DBA.

I Don’t Have to Do It Alone

I’ve always worked hard in my IT career to be knowledgeable in my field. I don’t like not… Read more

6 comments, 7,016 reads

Posted in Databases – Infrastructure – Security on 28 August 2014

Older posts