Problems displaying this newsletter? View online.
SQL Server Central
Featured Contents
The Voice of the DBA
 

A Double Failure

Every server ought to have a password. Every one.
 
It's 2019, and apparently that advice hasn't sunken in. I still can't believe there are people without passwords/codes on their mobile devices or home PCs, but there are. It's crazy, and while I can forgive some individuals for doing this, no IT infrastructure staff or developer ought to do this. And yet, a double fail recently from Evisort.
 
This is a startup doing some AI work, but apparently they set up an Elasticsearch server without a password. I've written about this before, and you set a password, but don't have to. That's both an Elasticsearch failure for not requiring one, but also a monumental failure on the part of whoever set this up inside a company.
 
Use. A. Password.
 
The second fail is with this server being claimed to be a "testing and development" server. If that's the case, why was production, live data on it? I know many people do this, but if you use that data in non production environments, the data needs to be secured. I'm sure it's especially hard for AI/ML systems to work without real data, unlike other database driven applications, but if you need live data, you need real security here.
 
If you don't want to do this, then you need masked, obfuscated, pseudonymized, generated, or other data that can be used. I've realized the problems and scope of this across the last few years in my work with Redgate customers, while looking at the challenges and problems brought about by using this data. We've also see there is a lot of potential liability with new regulations like the GDPR and the CCPA for poor data security.
 
I used to worry about the state of our industry with the poor quality of so many applications written in the 80s and 90s. Now I worry even more about the problems of poor data security. I don't have good answers, but I know we need to do better.

Steve Jones - SSC Editor

Join the debate, and respond to today's editorial on the forums

 
Redgate Data Masker
  Featured Contents

Using Azure Data Studio with TFVC

Steve Jones - SSC Editor from SQLServerCentral

Azure Data Studio (ADS) is a lightweight IDE built on Visual Studio Code. I've written a few articles on how the tool works, shown here: Getting Started with Azure Data Studio Getting Comfortable Writing Code in Azure Data Studio Using Notebooks in Azure Data Studio If there are other features you're interested in, let me […]

Microsoft SQL Server: Current Identify Column Value in a Table

Additional Articles from Database Journal

Learn how to find the current identify column value in your Microsoft SQL Server tables.

From the SQL Server Central Blogs - Visualizing NFL Draft History with Power BI

Dustin Ryan from SQLServerCentral

With the 2019 NFL Draft upon us, of course I wanted to visualize some NFL draft data in Power BI. So I put together this interesting set of visualizations...

From the SQL Server Central Blogs - Correlated Subqueries vs Derived Tables

Bert Wagner from SQLServerCentral

Correlated subqueries provide an intuitive syntax for writing queries that return related data. However, they often perform poorly due to needing to execute once for every value they join on....

 

  Question of the Day

Today's question (by Steve Jones - SSC Editor):

 

Cleaning Your Tables

What does DBCC CLEANTABLE do?

Think you know the answer? Click here, and find out if you are right.

 

Redgate Database Devops
 

 

  Yesterday's Question of the Day (by Steve Jones - SSC Editor)

Statistics Profile

What does SET STATISTICS PROFILE ON do?

Answer: Gives the actual number of rows and number of executions for each line that is returned by the SHOWPLAN_ALL results.

Explanation: This setting will return a result set that contains all the data from the SHOWPLAN_ALL results, but with two additional columns:

  • Rows - actual number of rows produced
  • Executes - number of times the operator has been executed.

Ref: SET STATISTICS PROFILE - https://docs.microsoft.com/en-us/sql/t-sql/statements/set-statistics-profile-transact-sql?view=sql-server-2017

Discuss this question and answer on the forums

 

 

 

Database Pros Who Need Your Help

Here's a few of the new posts today on the forums. To see more, visit the forums.


Bulk Update From List - I would like to update the EmailAddress column of a database table with emails from a list . So basically I have two lists, Emails and Username lists. I want to check each value of the UserName column against the Username  list. Then I would like to update the EmailAddress column with the email from […]
I need help to build a query with wildcard and strings. - Hello I need a query to bring all the account  (6 varchar) when the user type into the field the three first numbers or full account I have account 100101, 100102, 100103, 235101,235102, When user type 100 all the 100's will be in the report. If anyway   I was using wildcard but it didn't work. […]
Combing FailOver Cluster Instance with AlwaysOn Availability Group for DR - Hello Folks, I've a requirement to add AlwaysOn for DR on top of an existing FCI (Failover Cluster Instance). Please provide detailed steps on how to configure this. Any issues on this setup. Existing FCI - 2 Node Active-Passive (Physical Servers) Environment: SQL 2014 Enterprise / Windows Server 2012 R2   Many thanks!
SSRS - Display field value based on user - Hello, WHile using SSRS, I only want to display a fields data value if the user is a specific person, otherwise I want to set the field value in the Tablix to "0'.  I believe  the following  expression would be correct but isgenerating an error message.  Can someone provide some insight?  Many Thanks in advance! […]
QotD: 'Answer This' link still active after answering question -   With the new interface, the only way I seem to be able to get back to the list of questions is to click on QotD in the menu bar, but then many of the questions I'd already answered (correctly or incorrectly) appear as unanswered, i.e. the 'Answer This' link is active. I'm using Chrome […]
Deleting or updating two rows based on a value of one of them - Hi I need help in updating or deleting two rows based on the value of one of the columns. For example, please note the sample data I have provided. CheckNumber 20009, I have three rows. two of the rows have a value of 1 in removed.  In this case, I need to update to any […]
Add Zero(0) to columns based on Min and Max value of the record. - Here min Calendar year is 2010 and max Calendar year is 2013 How to add Zero to employes who does not have that year Input sample: Salesamount CalendarYear Employee 637000 2010 282 3440000 2011 282 4415000 2012 282 3294000 2013 282 1898000 2011 291 4985000 2012 291 3631000 2013 291 478000 2012 296 1209000 2013 […]
XMLAErrorOLE DB error: OLE DB or ODBC error: Invalid column name - I recently added two new measures into my cube, the measures were called AssetValueUSD and InvoiceValueUSD, I also added them to my perspective and my partition query. When I then processed the cube I got an error XMLAErrorOLE DB error: OLE DB or ODBC error: Invalid column name 'AssetValueUSD'. Any idea what I've missed?
Change of a data flow arrow to point to different component ? - It doesn't seem to be possible to change a data flow arrow to point to a new component ? i.e. If I want to insert a new "Row Count" component between a Slowly Changing Dimension component and an "Insert Destination" component for an existing ETL process. Or is there some "trick" that can allow me […]
Dimension property : OrderBy Key - Hi guys, I'm a newbie in development of Sql Server Analysis, I would like to ask some guidance. It's a basic really. I have a Date Dimension with one of the attribute is Month. Question is in that property OrderBy there are 4 options : Key Name Attribute Key Attribute Name The default is Name, […]
Status Update 2 May 2019 - It's been a few days, but I've been out of town and no time to review changes. Quite a few items worked through this week and some nice changes. Code scrolling for wide lines (yay!) Forum rewriting of some links/titles is fixed to allow links to specific posts Remembering your notification settings works with replying […]
Fixate the Menu bar - Is it possible to make Menu bar and Search bar to be always visible and not scroll with the page?
SSIS: Ignore corrupted files when importing flat files - Hello, I created a package that imports csv files into a foreach from a defined directory to a sql server table. It is possible that in this directory there are some corrupt files that is to say they do not have the right number of columns waited by the source component of the flat file. […]
TSQL: How to transform first row as column name? - Hello, I hope you are all well. I would like your help on a data transformation task that I have. I would like to convert the first row of a table to a column name I am working on SQL Server Azure and I get daily data from another service.This service loads a table that […]
Date time time zone conversion built in function - I have legacy databases that stores all data in U.S. Central Standard Time.   Some servers are on CST and others are on UTC.  Built-in function getdate() gets date in the server time, while getutcdate() gets date in UTC.  I need a function that will always return date in CST irrespective of the server time. I […]
 

 

RSS FeedTwitter

This email has been sent to {email}. To be removed from this list, please click here. If you have any problems leaving the list, please contact the webmaster@sqlservercentral.com. This newsletter was sent to you because you signed up at SQLServerCentral.com.
©2019 Redgate Software Ltd, Newnham House, Cambridge Business Park, Cambridge, CB4 0WZ, United Kingdom. All rights reserved.
webmaster@sqlservercentral.com

 

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -