maxtardiveau

Can We Please Stop Sending Passwords Over the Wire?

by maxtardiveau

SQLServerCentral

While analyzing SQL Server's network protocol, I came across a weird fact: when a database client logs in using SQL Server authentication (as opposed to Windows authentication), it has to send the user's password to the server, in blatant violation of common security guidelines. At first, I couldn't believe it; SQL Server generally does an […]

★ ★ ★ ★ ★ ★ ★ ★ ★ ★

5 (8)

2022-03-02

4,421 reads

Discuss

Query control made easy

by maxtardiveau

SQLServerCentral

Security

Overview As we all know, data security is a never-ending battle. Every day, we hear of new data breaches. It's a hard problem, and there is no single solution, other than a defense in depth. Let's look at one of those defenses for databases: query control. Query control is a simple idea: most applications access […]

★ ★ ★ ★ ★ ★ ★ ★ ★ ★

4.25 (4)

2022-01-07

3,234 reads

Discuss

SQL Server Data Classification Comes Alive

by maxtardiveau

SQLServerCentral

Overview Microsoft SQL Server 2012 introduced a feature called data classification, which allows you to mark certain columns with labels, indicating that these columns contain sensitive or special-handling data. For instance, you may want to mark a column containing credit card numbers as "confidential", or sales numbers as "management only". The problem is that you […]

★ ★ ★ ★ ★ ★ ★ ★ ★ ★

5 (1)

2021-12-10

3,461 reads

Discuss

SQL Server Data Masking: a comparison with Gallium Data

by maxtardiveau

SQLServerCentral

Introduction In SQL Server 2016, Microsoft introduced a new feature called dynamic data masking, which allows you to mask the values of certain columns and keep that data hidden from certain users, without having to modify your applications. Let's take a look at how SQL Server does data masking, and compare it to the way Gallium Data […]