Problems displaying this newsletter? View online.
SQL Server Central
Featured Contents
Question of the Day
The Voice of the DBA
 

A Double Failure

This editorial was originally published on May 7, 2019. It is being republished as Steve is on vacation.

Update: Perhaps not, as Evisort dispute any customer data was exposed and they've updated security.

Every server ought to have a password. Every one.

It's 2019, and apparently that advice hasn't sunken in. I still can't believe there are people without passwords/codes on their mobile devices or home PCs, but there are. It's crazy, and while I can forgive some individuals for doing this, no IT infrastructure staff or developer ought to do this. And yet, a double fail recently from Evisort.

This is a startup doing some AI work, but apparently they set up an Elasticsearch server without a password. I've written about this before, and you set a password, but don't have to. That's both an Elasticsearch failure for not requiring one, but also a monumental failure on the part of whoever set this up inside a company.

Use. A. Password.

The second fail is with this server being claimed to be a "testing and development" server. If that's the case, why was production, live data on it? I know many people do this, but if you use that data in non production environments, the data needs to be secured. I'm sure it's especially hard for AI/ML systems to work without real data, unlike other database driven applications, but if you need live data, you need real security here.

If you don't want to do this, then you need masked, obfuscated, pseudonymized, generated, or other data that can be used. I've realized the problems and scope of this across the last few years in my work with Redgate customers, while looking at the challenges and problems brought about by using this data. We've also see there is a lot of potential liability with new regulations like the GDPR and the CCPA for poor data security.

I used to worry about the state of our industry with the poor quality of so many applications written in the 80s and 90s. Now I worry even more about the problems of poor data security. I don't have good answers, but I know we need to do better.

Steve Jones - SSC Editor

Join the debate, and respond to today's editorial on the forums

 
 Featured Contents
SQLServerCentral Article

Migrate SSRS Reports to PowerBI Report Server in SQL Server 2025

Deepam Ghosh from SQLServerCentral

Learn about migrating SSRS reports to Power BI Report Server in SQL 2025

External Article

IDENTITY vs SEQUENCE in SQL Server – which should you use?

Additional Articles from SimpleTalk

This guide explains how IDENTITY columns and SEQUENCE objects differ in SQL Server, and how you might decide which one is appropriate for a given design.

Blog Post

From the SQL Server Central Blogs - PowerShell Remoting for SQL DBAs: WinRM + SSH Guide (Updated 2026)

SQLPals from Mission: SQL Homeostasis

PowerShell Remoting for SQL DBAs: WinRM + SSH Guide (Updated 2026)

Originally published in 2023, this post never made it into Google's index, so I'm republishing it...

Blog Post

From the SQL Server Central Blogs - The 2026 Redgate Summit in New York City

Steve Jones - SSC Editor from The Voice of the DBA

We’re coming back to New York, which is exciting for me. I love NYC. The Redgate Summit 2026 – New York City comes back on May 5, 2026. You...

Technical Article

Databricks Data Intelligence Platform: Unlocking the GenAI Revolution

Site Owners from SQLServerCentral

This book is your comprehensive guide to building robust Generative AI solutions using the Databricks Data Intelligence Platform. Databricks is the fastest-growing data platform offering unified analytics and AI capabilities within a single governance framework, enabling organizations to streamline their data processing workflows, from ingestion to visualization. Additionally, Databricks provides features to train a high-quality large language model (LLM), whether you are looking for Retrieval-Augmented Generation (RAG) or fine-tuning.

 

 Question of the Day

Today's question (by Steve Jones - SSC Editor):

 

Identities and Sequences III

When thinking of the Identity property for auto incrementing columns and sequences for the same action, which can be used with the BIGINT data type?

Think you know the answer? Click here, and find out if you are right.

 

 

 Yesterday's Question of the Day (by Steve Jones - SSC Editor)

A Fun Computer Quote

Which movie featured this quote?

"All programs have a desire to be useful."

Happy April Fools!

Answer: Tron

Explanation: The answer is Tron: https://movie-sounds.org/sci-fi/tron-1982/132701

Discuss this question and answer on the forums

 

 

 

Database Pros Who Need Your Help

Here's a few of the new posts today on the forums. To see more, visit the forums.

SQL Server 2019 - Development
String_agg not working as needed - I'm trying to get this string_agg to put all the 'comments' into one result field like instead of: 433    2018-11-06 11:08:12.793     Customer called 433     2018-11-06 11:08:12.793     Customer left message This is needed: 433    2018-11-06 11:08:12.793     Customer called, Customer left message Any ideas?: WITH MaxCommentCTE AS ( SELECT DISTINCT client_id […]
query to track time spent on individual tasks in SSIS - Hi everyone I am looking at building a query to determine how much time is being spent on each task in SSIS.  My SSIS package has a few containers and within each container there are tasks.  Once one container finishes processing then the next container gets processed.  I have never done this before so I […]
Editorials
Doing the Little Things - Comments posted to this topic are about the item Doing the Little Things
Everything is the right question away - Comments posted to this topic are about the item Everything is the right question away
Hidden Heroes - Comments posted to this topic are about the item Hidden Heroes
Changing Data Types - Comments posted to this topic are about the item Changing Data Types
Article Discussions by Author
Seeding a Fabric Warehouse with dbt for Visual Studio Code: The Fabric Modern Data Platform - Comments posted to this topic are about the item Seeding a Fabric Warehouse with dbt for Visual Studio Code: The Fabric Modern Data Platform
Seeding a Fabric Warehouse with dbt for Visual Studio Code: The Fabric Modern Data Platform - Comments posted to this topic are about the item Seeding a Fabric Warehouse with dbt for Visual Studio Code: The Fabric Modern Data Platform
Historical Data Tracking - Comments posted to this topic are about the item Historical Data Tracking
Vectors in SQL Server 2025 - Comments posted to this topic are about the item Vectors in SQL Server 2025
Odd Sequences - Comments posted to this topic are about the item Odd Sequences
SQL Server Transactional Replication from Always On Availability Groups to Azure SQL Database - Comments posted to this topic are about the item SQL Server Transactional Replication from Always On Availability Groups to Azure SQL Database
Identities and Sequences I - Comments posted to this topic are about the item Identities and Sequences I
Fun with JSON II - Comments posted to this topic are about the item Fun with JSON II
SQL Server 2022 - Development
VS Code, Unresolved References. - Hi all, I just started using VS Code to work with DB projects.  I have a work-in-progress DB, meaning some of the objects are broken.  But, for those that are not broken, when I run dotnet build I get many unresolved reference errors that have no problem existing on the server or in SSMS.  The […]
 

 

RSS FeedTwitter

This email has been sent to {email}. To be removed from this list, please click here. If you have any problems leaving the list, please contact the webmaster@sqlservercentral.com. This newsletter was sent to you because you signed up at SQLServerCentral.com.
©2019 Redgate Software Ltd, Newnham House, Cambridge Business Park, Cambridge, CB4 0WZ, United Kingdom. All rights reserved.
webmaster@sqlservercentral.com

 

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -