Problems displaying this newsletter? View online.
SQL Server Central
Featured Contents
Question of the Day
Redgate Database Devops
The Voice of the DBA
 

Phishing Defenses

I wrote recently about an attack on utility companies by crafting a clever email aimed at specific engineers. That could easily happen with software developers and IT pros, which is why I think it pays to be extra cautious when dealing with any communications that come from others. Whether emails appear to be from internal or external users, phishing is a real concern for those of us that have privileged access to systems, and it should continue to be a concern for the foreseeable future.

I ran across an article that talks about some of the defenses that you can implement. Certainly education is key as one person noted in a comment on my previous article. They said their security department sends around pictures of phishing emails. That's a good idea, but the volume might be overwhelming in today's heavily probed environments. I think it would be easy for me to make a mistake after seeing too many examples and when I'm expecting some communication from someone and I get a phishing email on that topic. Still, educating users with privileged accounts know this is a regular occurrence is a good idea.

I know in larger companies, there ought to be some group that knows about phishing issues in depth and centralizes information. Having a support channel (email, Slack, whatever) for people to contact when they have questions is a great idea. I know I do sometimes contact my IT group if I've gotten something that seems suspicious. Letting some central group manage reports and provide information also allows that group to help keep a list of sites that should be blocked more up to date. If someone is clicking through but there are blocks to prevent access to links, or even communication from trojans, this can mitigate some of the issues.

Perhaps the best idea, however, is to ensure that backups are taking place and restores can be performed. We know this is critical for databases, but other types of data you use might be valuable as well. While I know that my Drop Box and One Drive folders might get hit with ransomware, I also know my subscription allows me to restore older versions, which hopefully would be un-encrypted.

Security is a constant battle, and the criminals continue to come up with new attack techniques, often with success. Ensure you remain vigilant, educated, and help others in your organization to do so as well.

Steve Jones - SSC Editor

Join the debate, and respond to today's editorial on the forums

Redgate SQL Provision
 
  Featured Contents

Memories of DR testing

MVDBA from SQLServerCentral

With the introduction of the GDPR, a lot of our prospective clients are demanding more and more information regarding data disposal, retention and usage practices. Both our new and existing clients want to look at our internal ecosystem and understand how we manage it. This means that I finally got a budget for a disaster […]

Simple SQL Change Automation Scripting: The Release Object

Additional Articles from Redgate

Once you understand the SCA data objects, it can give you a certain glow of to discover, suddenly, that SCA can do some complicated and time-consuming tasks with just a few lines of code. Phil Factor demonstrates how to get the most of SCA's Release object.

From the SQL Server Central Blogs - 5 Things You Need To Know When Reading SQL Server Execution Plans

Bert Wagner from Bert Wagner

Watch this week’s episode on YouTube. 5 Things You Need To Know When Reading SQL Server Execution Plans In the first part of this series I explained what an execution...

From the SQL Server Central Blogs - Feature Restrictions in SQL Server 2019 are Worse Than Useless: a False Sense of Security And Wasted Opportunity

Solomon Rutzky from SQL Quantum Leap

A misguided attempt to improve security that not only increases the chances of SQL Injection, but also prevented useful changes from being made.… Continue reading Feature Restrictions in...

 

  Question of the Day

Today's question (by Steve Jones - SSC Editor):

 

Storing JSON data

In SQL Server 2017, how do I store JSON data in a table? I have this table, so choose the value that will go in place of the XXX.
CREATE TABLE Song
( SongKey int identity(1,1)
, SongData XXX
);

Think you know the answer? Click here, and find out if you are right.

 

 

  Yesterday's Question of the Day (by Evgeny Garaev)

Resumable online index rebuild

In which version of SQL Server did Microsoft introduce resumeable online index rebuild?

Answer: SQL Server 2017 and Azure SQL Database

Explanation: The feature are introduced in SQL Server 2017 and applies to 14.x+ and Azure SQL Database. Ref: ALTER INDEX - https://docs.microsoft.com/en-us/sql/t-sql/statements/alter-index-transact-sql?view=sqlallproducts-allversions

Discuss this question and answer on the forums

 

 

 

Database Pros Who Need Your Help

Here's a few of the new posts today on the forums. To see more, visit the forums.


SQL Server 2017 - Development
Possible to call SSIS Environment Variable from stored proc? - I'm using SSIS Catalog with an Environment, and it works great with packages. Is it possible to get the value of an environment variable from a stored procedure?
SQL Server 2016 - Administration
Copy-DbaAgentJob without the steps - Hello everyone , I need to transfer all jobs without the steps I want to transfer the name of the job, the scheduling of execution, the alert only with the tool dbatools Copy-DbaAgentJob this is possible thank you
How to connect to secondary replica - Hi, I want developers to go to secondary replica for running select queries. So, I'm testing this by connecting to SSMS and providing "ApplicationIntent=ReadOnly" under options->additional parameters. But it is still going to Primary. I'm using below query to check which replica I'm connected to and it is showing as Primary. Please advise. SELECT ars.role_desc […]
SSISDB - I am looking to move SSISDB from old server to SQL 2016. Would the new server needs Integration services installed? I have the restored the database and everything looks good to me. There is any additional things would be needed to done?
SQL Server 2016 - Development and T-SQL
Performance Debate - Looking for Opinions on if this area of a C# application should be modified in how it hands things off to the DB. The table in question has two columns (ListId,PersonId)   there can be multiple PersonID with different list ID's The UI of the application allows you to go in and view all these Lists […]
Administration - SQL Server 2014
questions server packs - Hi, We are currently on SQL Server 2012 SPS 2. I was wondering to get them up to date do I, go sps 3 and then 4 or can I just take sps 4? Is there anything that I have to be concern about in installing these on a production unit. Thank you
Development - SQL Server 2014
SQL Collation different in tables and columns - Hi, I'm getting an infuriating issue where I have my default collation of the server set to SQL_Latin1_General_CP1_CI_AS. For some unknown reason some tables in different databases have a different collation AND some columns within those tables have a different collation again. It's driving me mad. Any idea how I can stop this from happening? […]
SQL 2012 - General
SQL 2012 Patch Release Dates - Is MS releasing any additional patches for SQLSERVER 2012?  A patch release was last introduced March of 2018.    
How to upload an rdl from SSRS - Hi, According to a number of places on the web, to add a custom report in SQL Server, you just have to go to Reports to custom reports then add you rdl. However, when I do that I get the following message, which I am not sure what it means or what I can do […]
SQL Server 2012 - T-SQL
How to preapare Vintage Analysis report in sql - hi, How to preapare Vintage Analysis report in sql.Can someone help me with code. Sample dat and Desired output is attached for reference.
SQL Server 2008 - General
Need to group multiple lines into one line - so I really struggle with grouping.  I have a view and it takes a few accounts and basically uses the same account.  when the view runs I get 5 lines.  4 lines for the accounts I am grouping and 1 line for the master account. so the first four accounts 1560020, 1560100, 1560300, 1560400 all […]
SQL Server Newbies
Basics to loading data - I'm trying to get better at loading data, flat files, Excel files from Apknite company into their SQL Tables. Here is my question because I have no one else in real life to bounce this idea off of to see if this is an accepted method/practice. Import TXT file to 'staging table' everything as varchar. […]
SSRS 2016
Textbox expression returning error - Hi, I have an expression in a cell of a table in SSRS. Whenever I try the preview the report it is coming up with this error: "The Value expression for the textrun ‘Standard.Paragraphs[0].TextRuns[0]’ contains an error: [BC30471] Expression is not an array or a method, and cannot have an argument list." My expression is […]
General
VBA Error Handling When Opening Another Macro - I have a process in which a macro loops through a list of other macros to run. I'm trying to add error handling in the parent macro so that if one of the other macros being called errors then it won't pop up with an alert and it will also close out and move on […]
Integration Services
Using a variable in Excel Connection Manager - I am trying to create a package that will import a file using the filename from a SQL table. I first created the package to read a single filename and it worked fine. Now I am trying to add a SQL task before the Data Flow that get the filename from the table. I set […]
 

 

RSS FeedTwitter

This email has been sent to {email}. To be removed from this list, please click here. If you have any problems leaving the list, please contact the webmaster@sqlservercentral.com. This newsletter was sent to you because you signed up at SQLServerCentral.com.
©2019 Redgate Software Ltd, Newnham House, Cambridge Business Park, Cambridge, CB4 0WZ, United Kingdom. All rights reserved.
webmaster@sqlservercentral.com

 

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -