SQL Clone
SQLServerCentral is supported by Redgate
Log in  ::  Register  ::  Not logged in

Databases – Infrastructure – Security

Brian Kelley is an author, columnist, and Microsoft SQL Server MVP focusing primarily on SQL Server security. He is a contributing author for How to Cheat at Securing SQL Server 2005 (Syngress), Professional SQL Server 2008 Administration (Wrox), and Introduction to SQL Server (Texas Publishing). Brian currently serves as an infrastructure and security architect. He has also served as a senior Microsoft SQL Server DBA, database architect, developer, and incident response team lead.

Archives: June 2016

Not More Than 16 Characters?!?

Microsoft, you’re killing me. This is the warning I received when typing in a password for Office 365:

I blinked when I saw the warning, “Your password can’t be longer than 16 characters.” I couldn’t believe that I had gotten that warning, so I erased what I had typed for… Read more

7 comments, 3,442 reads

Posted in Databases – Infrastructure – Security on 10 June 2016

Protecting Against Delete without Where

If I’m doing any manual work with T-SQL, I always begin every set of data change operations with BEGIN TRAN and I have the COMMIT TRAN commented out at the end of my script. Why?

Quite simply, because I’m wary of having a DELETE clause without a proper WHERE clause.… Read more

7 comments, 3,607 reads

Posted in Databases – Infrastructure – Security on 9 June 2016

A Different Type of Currency

Recently, a member of the community lamented that folks weren’t willing to provide an email address for free training. This reminds me of an old saying popularized by Heinlein, but one that was used a lot in the Perl community: TANSTAAFL (There Ain’t No Such Thing As A Free Lunch).… Read more

1 comments, 431 reads

Posted in Databases – Infrastructure – Security on 9 June 2016

Slides from 2016 Techno Security & Mobile Forensics Conference

I’ve completed both of my presentations at the 2016 Techno Security and Forensics Investigation Conference (#technosecurity). If you were able to make it to one of my talks, thank you for choosing to spend your time with me. While my slides will be available from the conference site,… Read more

0 comments, 502 reads

Posted in Databases – Infrastructure – Security on 7 June 2016

Sights that just scream, “No!”

I’m at a conference, specifically a security conference. So I looked at the available WiFi connections. Among the conference and hotel specific connections and the MiFi and cellphone uplinks I spotted this one:

That just screams, “No!” TANSTAAFL.

Read more

0 comments, 446 reads

Posted in Databases – Infrastructure – Security on 7 June 2016

Congrats to MSSQLTips on 10 Years!

MSSQLTips has posted about their 10 years as a resource to the SQL Server community. It’s where I do the bulk of my writing these days, mainly because I like the problem/solution format. However, the folks at MSSQLTips didn’t just write to acknowledge their 10th birthday. 

They also posted… Read more

0 comments, 532 reads

Posted in Databases – Infrastructure – Security on 6 June 2016