SQL Server 2005 builds some great encryption tools into the product, but what if you are stuck with SQL Server 2000? SQL Server expert Michael Coles brings us the first part of a series along with a free toolkit to manage encryption and keys.   Read more...

Arthur Fuller advises DBAs to try to break their software in order to make sure their SQL Server databases can withstand potential attacks. See if your code can hold up to his suggested tests.  Read more...

SQL Server 2005 builds some great encryption tools into the product, but what if you are stuck with SQL Server 2000? SQL Server expert Michael Coles brings us the first part of a series along with a free toolkit to manage encryption and keys.   Read more...

Auditing, analyzing and documenting your SQL Server installation is becoming more important all the time, especially as more and more attention is being paid to the security of your environment. Chad Miller brings us a look at a framework and a sample document you can use in your environment to conduct an audit.   Read more...

Securing your SQL Server can be an arduous task, but very rewarding. This article covers 10 steps to properly protecting your data.   Read more...

SQL Server Alerts provide a great way for the server to notify a DBA that some event has occurred, usually something bad that they need to fix. However alerts can also be used to drive business logic processes and enable some types of actions to be safely performed without requiring extraordinary rights by a user. Author Leo Peysakhovich brings us some ideas on how we can use alerts to implement business logic processing.   Read more...

When transferring a database to a new server, you are bound to experience a user problem. In this article by Neil Boyle, he shows you how to transfer passwords and accounts seamlessly to a new server.   Read more...

This article covers four of the fixed database roles (db_datareader, db_datawriter, db_denydatareader, and db_denydatawriter). If you're new to SQL security (and maybe even if you're not) this article is worth reading.   Read more...

SecureWave forwarded us this link to some info about their product - they claim to be the only product capable of protecting SQL Server from buffer overflow attacks. You can download a free eval from their site. We have not reviewed this product.  Read more...

Securing your SQL Server can be an arduous task, but very rewarding. This article covers 10 steps to properly protecting your data.   Read more...

In this follow up to one of our most popular articles, Andy responds to comments posted by readers and discusses how to manage SQL logins effectively in your applications.   Read more...

When transferring a database to a new server, you are bound to experience a user problem. In this article by Neil Boyle, he shows you how to transfer passwords and accounts seamlessly to a new server.   Read more...

Continuing with the Worst Practices Series: Steve Jones examines why encryption in the database is a bad idea.   Read more...

The major part of the article, however, is dedicated to a topic that often confuses people and leads to some of the strongest disagreements among IT professionals and developers: the benefits and drawbacks of enforcing security in the middle (or business) tier versus the data tier.   Read more...

Microsoft has announced a new security program to help system administrators secure their sites. Worth a read.   Read more...

Learn how to secure your data by implementing SQL Server security best practices.   Read more...

A new security alert affecting SQL Server was released on June 12, 2001   Read more...

Security information for SQL Server in one place.   Read more...

Poorly managed SQL Server Security can not only leave your SQL Server vulnerable, but also leave your NT Server and network open to attacks.   Read more...

This article by Andy Warren discusses both how to use the Public Role and how using Public may cause you more problems than it's worth. Great examples!   Read more...

SQL Server 2005 builds some great encryption tools into the product, but what if you are stuck with SQL Server 2000? SQL Server expert Michael Coles brings us the first part of a series along with a free toolkit to manage encryption and keys.   Read more...

Auditing, analyzing and documenting your SQL Server installation is becoming more important all the time, especially as more and more attention is being paid to the security of your environment. Chad Miller brings us a look at a framework and a sample document you can use in your environment to conduct an audit.   Read more...

SQL Server Alerts provide a great way for the server to notify a DBA that some event has occurred, usually something bad that they need to fix. However alerts can also be used to drive business logic processes and enable some types of actions to be safely performed without requiring extraordinary rights by a user. Author Leo Peysakhovich brings us some ideas on how we can use alerts to implement business logic processing.   Read more...