Problems displaying this newsletter? View online.
SQL Server Central
Featured Contents
Question of the Day
The Voice of the DBA
 

Better Protection from Hardware

Microsoft is working on ways to protect your system at an even lower level than the bootloader. Many modern computers have UEFI protection, which allows for security in the boot process, and prevents untrusted code from running. This is intended to ensure that some other boot process cannot run and then invoke your Windows bootloader.

This doesn't protect from firmware issues, but Microsoft may have a solution. Working with hardware companies (Intel, AMD), they have a System Guard Secure Launch that provides a way to secure your OS. There's a light explanation at Ars Technica of what this means for you. Essentially, this allows the OS to reset the CPU and ensure untrusted firmware code isn't running.

I won't pretend to know how this works in depth, or what additional levels of security this provides, but I do recognize the problem being worked on here. I also think that criminals (and rogue nation state actors) are making deeper and more complex attacks on systems. We know that compromised code can be a major problem for our servers, and we need better mechanisms to ensure we can trust the platform on which we run our database servers

Just recently there was an alert about a backdoor in SQL Server. This was noted as being in SQL Server 2012 and 2014. At first I was surprised this didn't get more play, then I realized this was an issue with the Windows OS being compromised and then a patch installed on the SQL Server service to allow attackers to log into the database server. Disconcerting, but if someone gains control of the Windows OS, I'd expect they can get into SQL Server.

Security is a problem with database servers, and the number and variety of attacks continues to grow. It pays to be diligent, and certainly, use whatever tools are available. Strong passwords, access controls and low privileged accounts, UEFI, SGSL, set up every security feature you can. After all, data is your organization's most important asset.

Steve Jones - SSC Editor

Join the debate, and respond to today's editorial on the forums

Redgate SQL Provision
 
  Featured Contents

Monitor Current Analysis Services Activity

pabechevb from SQLServerCentral

Although not every business has SSAS (SQL Server Analysis Services) installed nor use it extensively, the ones who do also care about their database responsiveness. If it is slow, what else is running that may be causing the slowness? Are there any locks? What commands are being run, who is running them, from where? How […]

Test data provisioning for development – free whitepaper

Additional Articles from Redgate

Compare the most common approaches to provisioning test data to database development teams and see how they stack up.
Learn why traditional approaches like restore from backup are no longer suitable, and how successful organizations are implementing a combined data masking and data virtualization approach.

Update only Year, Month or Day in a SQL Server Date

Additional Articles from MSSQLTips.com

In this tip we look at how to change specific parts of a date such as the Year, Month or Day for data stored in a SQL Server table.

From the SQL Server Central Blogs - Power Platform Quick Tips – Episode 03: Documenting Power Automate Flow Logic

Devin Knight from Devin Knight

Welcome back to my series on Power Platform quick tips! In this episode you will learn how to document your flow logic with comments.

From the SQL Server Central Blogs - SQL Homework – December 2019 – The default trace and the system health session.

Kenneth.Fisher from SQLStudies

I know this is the holiday season for many of us (which ones depend on your religion and nationality of ... Continue reading

 

  Question of the Day

Today's question (by Steve Jones - SSC Editor):

 

Getting my options

I know that the @@OPTIONS variable contains a bitmap. If I want to get the value of ANSI_WARNINGS, I know this setting is stored in the 4th (from the right) bit. I know that ANSI_WARNINGS are on, meaning the bit is set. When I run this code, what is returned?
DECLARE @a INT
SET @a = @@OPTIONS
SELECT @a & 8
 

Think you know the answer? Click here, and find out if you are right.

 

 

  Yesterday's Question of the Day (by Steve Jones - SSC Editor)

Updating Statistics

When are statistics updated?

Answer: When an index is rebuilt

Explanation: Statistics are updated when an index is rebuilt (or created). They are not updated when an index is reorganized. Ref: Reorganize and rebuild indexes - https://docs.microsoft.com/en-us/sql/relational-databases/indexes/reorganize-and-rebuild-indexes?view=sql-server-ver15

Discuss this question and answer on the forums

 

 

 

Database Pros Who Need Your Help

Here's a few of the new posts today on the forums. To see more, visit the forums.


SQL Server 2017 - Administration
Always on in standard and enterprise edition - Hello everyone! I would glad to know, what is the difference in Always on between Standard and Enterprise edition? And also there is something that change in 2012 and above? Thanks!
Migrating DB encrypted by master key - I'm migrating DBs from a 2008 R2 instance onto a 2017 instance.  I have one DB that is encrypted by the master key, how do I migrate this successfully across to a new instance?
Log Shipping - What has changed - We currently have a situation with a vendor where they will only give us access to our data via 5 minute log ship files that we import into our read only db. this is fine for most queries, but we need a way to get details about what has changed in each period in the […]
SQL Server 2017 - Development
Insert in batches using select coalesce option - Hi, I am trying to insert multiple tables data into one table using Insert in batches and with select coalesce. I am getting Ambiguos column (id) error. Can some one please help me to resolve the issue. Thank You. ERROR MESSAGE: Msg 209, Level 16, State 1, Line 26 Ambiguous column name 'id'. Line:26 - […]
Fastest Way to Calculate Total Number of records inserted per day - Hi, I need to show a number of records per day in the dashboard of the web application if the user reload the page the count will automatically be updated. Initially, we don't have any problem as the records grow to the millions of records the query execution takes slow. The following is the query […]
Fastest way to query Millions of records with Pagination and Total Record Count - HI, We had a table that contains a huge volume of data inserted per day it contains millions of rows. Currently, we had 2 million records in staging but once we hit the production the data will be easily more than 10 - 20 million rows Previously we had a pagination query that took more […]
SQL Server 2016 - Administration
changing db owner with always on replication (to fix DB properties window) - SQL Server 2016 standard edition, with primary databases and one other server set up as secondary failover with always on availability group. There were some issues over the weekend with an application that accesses the databases on this server, unbeknownst to me, they decided just to reboot the database server, which seemed to clear things […]
What\'s the best way to keep a record of all records inserted via an SP call? - Hey guys, so I may be overthinking this but basically, I have a bunch of stored procedures which I want to begin keeping historical track of.  I want to know which records were updated by which SP & when, and I'm just looking for the best way to do this.  Is there any built in […]
Impact value about missing indexes - is there relation between Impact from sys.dm_db_missing_index_group_stats and Impact from cache plan? Thanks for all.  
I can't Uninstall SQL Server 2016 - Hi, I have SQL Server 2016 installed in my machine but I can't uninstall it, it doesn't appear on my Control Panel, I looked again using CMD wmic, product get name, it also doesn't appear. But I can see it, SQL Server on the services and SQL Server Configuration Management. I also tried using CMD […]
SQL Server 2016 - Development and T-SQL
BCP utility - Hi All I am trying to export some data from a SQL server database to a CSV file. As I need to do this for around hundreds of records, I am using a cursor to loop through and creating dynamic file names to write individual files. This seems to be working ok. Some of the […]
Administration - SQL Server 2014
Trouble connecting in single user mode - I have an SQL server which I need to get admin access to. Logged on as administrator to the server I attempt to start in single user (-m) mode. However in this case, instead of dropping into single user (as on other servers in this project),  I get a screen full of continuous login failures […]
Development - SQL Server 2014
How to get information about an AG group using powershell - Hi Experts, Does anyone has a powershell script which displays below information: for a given AG listener name or AG group name, I need to get Listnener name, AG name, replicas , replica role desc , Can we get this information using pure powershell which reads registry values or do we need to execute a […]
SQL 2012 - General
SQL Monitoring - Hi All, I have SQL 2012 instance on a vm server  which I am testing with Red Gate Monitoring Tool installed on my machine and my machine machine is set a base monitor for testing purpose. Problem I am facing is that  it only monitor while I am logged on to the machine. If  I […]
Strategies and Ideas
Tracking History in Fact Table - Hi, I was hoping somebody would be able to offer advice in relation to tracking history in a fact table, in particular whether #2 below would be a viable option? I would have thought that #1 would be bad for performance given the volume of records created through history so maybe not best practice?. If […]
 

 

RSS FeedTwitter

This email has been sent to {email}. To be removed from this list, please click here. If you have any problems leaving the list, please contact the webmaster@sqlservercentral.com. This newsletter was sent to you because you signed up at SQLServerCentral.com.
©2019 Redgate Software Ltd, Newnham House, Cambridge Business Park, Cambridge, CB4 0WZ, United Kingdom. All rights reserved.
webmaster@sqlservercentral.com

 

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -