Is There Interest in SQL Server Security Pre-Cons?

, 2013-11-05 (first published: )

I’m very passionate about security, especially database security. As the numbers with regards to data breaches continue to climb, this is become even more important to me. I’ve been affected personally by data breaches, as have many others. For instance, I’ve had to change out my credit cards due to payment processor breaches, I was affected by the South Carolina Department of Revenue breach, and I’m sure there are others, maybe ones that weren’t reported, that I was affected by as well. I enjoy speaking on security, but a 45-75 minute session barely scratches the surface when it comes to any security topic. I’d love to spend more time covering more information, diving down into more details, etc., for those wanting to learn. The best way to do that is probably through a pre-con at a SQL Saturday. I’ve given half day and full day sessions before, primarily to IT auditors, and I’m thinking the same sort of time length is appropriate to convey enough information to make it worth paying for. Here’s a sample agenda from one of my half day courses to give you an idea of what I’m thinking about (this is from a SQL 2000-2008R2 class):

  • Hour 1

    • General Security Principles We Follow
    • Hardening OS and SQL Server – Surface Area
    • Access SQL Server and its Databases
  • Hour 2

    • SQL Server’s Permission Model
    • Changes from SQL Server 2000 to 2005
  • Hour 3

    • Auditing using Triggers
    • Server Side Traces
    • Audit Object
  • Hour 4

    • Built-In Encryption Options

If you think you’d be interested in such a pre-con, especially if you’re a SQL Saturday organizer, comment on this post or, better, send me an email at brian {dot} kelley {at} sqlpass {dot} org (note the spelling on the last name as kelly will cause it to bounce).

Rate

Share

Share

Rate

Related content

Database Mirroring FAQ: Can a 2008 SQL instance be used as the witness for a 2005 database mirroring setup?

Question: Can a 2008 SQL instance be used as the witness for a 2005 database mirroring setup? This question was sent to me via email. My reply follows. Can a 2008 SQL instance be used as the witness for a 2005 database mirroring setup? Databases to be mirrored are currently running on 2005 SQL instances but will be upgraded to 2008 SQL in the near future.

2009-02-23

1,567 reads

Networking - Part 4

You may want to read Part 1 , Part 2 , and Part 3 before continuing. This time around I'd like to talk about social networking. We'll start with social networking. Facebook, MySpace, and Twitter are all good examples of using technology to let...

2009-02-17

1,530 reads

Speaking at Community Events - More Thoughts

Last week I posted Speaking at Community Events - Time to Raise the Bar?, a first cut at talking about to what degree we should require experience for speakers at events like SQLSaturday as well as when it might be appropriate to add additional focus/limitations on the presentations that are accepted. I've got a few more thoughts on the topic this week, and I look forward to your comments.

2009-02-13

360 reads