Stairway to SQL Server Security

Stairway to SQL Server Security Level 7: Security Across Databases with Cross-Database Ownership Chaining

Sometimes you need to reach outside a database and access data and objects from multiple databases, which raises some security issues and increases the complexity of data access. In this stairway level, you’ll learn about cross-database ownership chaining so that you can reach across database boundaries securely.

4.67 (3)

You rated this post out of 5. Change rating

2024-05-08 (first published: )

10,992 reads

Stairway to SQL Server Security

Stairway to SQL Server Security Level 9: Transparent Data Encryption

Even an otherwise well-secured database is susceptible to attack if an attacker is able to get access to the disk files that comprise the database. Cell-level encryption can protect some of the data, but for complete protection against this kind of attack it is necessary to encrypt the files and not just the data. That is exactly what Transparent Data Encryption (TDE) does, and in this stairway level you'll learn what TDE does, how it works, and how to make use of it to protect your database files.

5 (3)

You rated this post out of 5. Change rating

2023-03-15 (first published: )

6,212 reads

Stairway to SQL Server Security

Stairway to SQL Server Security Level 11: Auditing

By defining server- and database-level audits, you can record just about any kind of event that occurs in SQL Server, which can be an invaluable source of security troubleshooting and forensic information when security breaches occur. In this stairway level you’ll learn how to define the various audit specification objects, how to capture audit data, and how to explore and use the data.

5 (1)

You rated this post out of 5. Change rating

2023-03-08 (first published: )

8,280 reads

Stairway to SQL Server Security

Stairway to SQL Server Security Level 4: Permissions

A permission gives a principal access to an object to perform certain actions on or with the object. SQL Server has a mind-numbingly huge number of permissions that you can grant to a principal, and you can even deny or revoke those permissions. This sounds a bit complicated, but by the end of this stairway level you’ll understand how SQL Server permissions work and how you can exert very granular control over object creation, data access, and other types of actions on database and server objects.

4.67 (3)

You rated this post out of 5. Change rating

2022-09-28 (first published: )

9,520 reads

Stairway to SQL Server Security

Stairway to SQL Server Security Level 5: Schemas and Security

In this stairway level you’ll learn how you can give principals access to groups of objects by assigning permissions on schemas instead of individual tables, code modules, and other objects. You’ll also learn about the benefits of user-schema separation and how it can increase object security, and how using default schemas for users and groups can simplify object access management and security.

4 (1)

You rated this post out of 5. Change rating

2022-09-21 (first published: )

12,050 reads

Stairway to SQL Server Security

Stairway to SQL Server Security Level 2: Authentication

Authentication is the first step in letting a principal get access to an instance of SQL Server, essentially resolving the question, Who are you? In this stairway level you’ll learn about the basics of authentication and the authentication options available. This level covers logins and users and you’ll learn about the password policies that can help strengthen SQL Server authentication.

You rated this post out of 5. Change rating

2021-03-17 (first published: )

10,075 reads

Stairway to SQL Server Security

Stairway to SQL Server Security Level 3: Principals and Securables

What is a SQL Server principal? And what does it get a permission on? In this stairway level, you’ll learn about the various principals that can be authorized through permissions to perform actions and access securable objects in the SQL Server instance.

You rated this post out of 5. Change rating

2019-08-21 (first published: )

11,446 reads

Stairway to SQL Server Security

Stairway to SQL Server Security Level 1: Overview of SQL Server Security

The ubiquity of databases and the potentially valuable information stored in them makes them attractive targets for people who want to steal data or harm its owner by tampering with it. Making sure that your data is secure is a critical part of configuring SQL Server and developing applications that use it to store data.

4.5 (2)

You rated this post out of 5. Change rating

2019-08-07 (first published: )

14,642 reads

Stairway to SQL Server Security

Stairway to SQL Server Security Level 10: Row-Level Security

Unlike some other industrial-strength database servers, SQL Server lacks a built-in mechanism for protecting individual data records, called row-level security. This stairway level explores why you might want to use such a low-level granularity of data access security and how you can implement row-level security.

5 (1)

You rated this post out of 5. Change rating

2015-07-29

6,312 reads

Stairway to SQL Server Security

Stairway to SQL Server Security Level 8: Data Encryption

This stairway level will explore data protection through encryption, both when the data is in motion across the network or in memory and at rest in a table. You’ll learn about the encryption key hierarchy and the various kinds of keys you can use to encrypt data, as well as how you can manage the keys or let SQL Server do it for you.

5 (1)

You rated this post out of 5. Change rating

2015-04-15

7,465 reads

Blogs

Day 2 at PASS Data Community Summit 2024

By

I missed blogging yesterday as I was on stage/backstage for quite a bit of...

PASS Summit 2024 – Wednesday

By

A common theme in the PASS Summits I've attended is community and that's definitely...

Taming Database Challenges: Insights from Redgate Keynote

By

I am excited to cover the Microsoft Keynote on Day 2: Redgate Keynote: Simplifying...

Read the latest Blogs

Forums

Deduplicating rows by choosing the row with the shortest string

By Mark Dalley

Hello T-SQL experts I have a table containing team codes and descriptions. Unfortunately, many...

query help

By Bruin

I need some help to optimize this query as it runs in many threads...

Unencrypted connections in Always on Availability Group

By Awais Afzal

Hi, In my Always On Availability environment, I am seeing two encrypt_option values as...

Visit the forum

Question of the Day

Using Outer Joins

I have this data in a SQL Server 2019 database:

Customer table
CustomerID CustomerName
1          Steve
2          Andy
3          Brian
4          Allen
5          Devin
6          Sally

OrderHeader table
OrderID CustomerID OrderDate
1       1          2024-02-01
2       1          2024-03-01
3       3          2024-04-01
4       4          2024-05-01
6       4          2024-05-01
7       3          2024-06-07
8       2          2024-04-07
I want a list of all customers and their order counts for a period of time, including zero orders. If I run this query, how many rows are returned?
SELECT 
  c.CustomerName, COUNT(oh.OrderID)
 FROM dbo.Customer AS c
LEFT JOIN dbo.OrderHeader AS oh ON oh.CustomerID = c.CustomerID
WHERE oh.Orderdate > '2024/04/01'
GROUP BY c.CustomerName

See possible answers