No Defaults Passwords Ever
Steve doesn't see a reason why we should have default passwords on systems ever.
2026-01-17
49 reads
Security
Minimally Viable Security
Today Steve talks about the need for a basic level of security in our software.
2026-01-05
70 reads
SQL Server DBaaS Vulnerability: Decrypting System Code & Exfiltrating User Data
Security in cloud environments is both challenging and fascinating, particularly for Database-as-a-Service (DBaaS) offerings like Amazon RDS, GCP CloudSQL and Alibaba ApsaraDB RDS. The cloud vendor acts as the system administrator, managing the operating system, patching, and backups, while the user manages their data and databases.
2025-12-03
2025-10-15
107 reads
The Security of Old Tech
Older technology can introduce security issues, along with performance ones. Keeping your systems somewhat up to date is important for security.
2025-09-12
70 reads
Password Guidance
Passwords are essential and also a problem in many organizations. Guidance has changed over the years and Steve has a few thoughts on what's recommended today.
2025-09-10
133 reads
Zero-Trust Architecture for Cloud-Based AI Systems
Zero-Trust Architecture (ZTA) emerges as a strong security paradigm for cloud-based AI systems, fundamentally operating on the principle of “never trust, always verify.” Unlike conventional security models, ZTA assumes potential compromise exists within the network and requires continuous verification of every access request regardless of origin.
2025-07-09
Cloning Master Admin User Permissions in Amazon RDS for SQL Server with Fine-Grained Control
This article explores how to securely clone the master user permissions in Amazon RDS for SQL Server using a custom stored procedure, usp_rds_clone_login. It outlines a step-by-step process to generate, review, and apply a script that replicates server- and database-level access from the master user to a new login without directly exposing elevated credentials. The guide emphasizes the principle of least privilege, supports named account management, and enables transparent, auditable permission handling for DBAs and applications. Designed for secure and scalable environments, this solution enhances operational security while maintaining administrative flexibility in Amazon RDS.
2025-07-09
650 reads
Are Data Breaches Inevitable?
Steve examines the idea that we might all have a data breach at some point.
2025-05-16
87 reads
More Supply Chain Attacks
Code is vulnerable to supply chain attacks, which aren't something many of us think about.
2025-03-21
107 reads
Blogs
Using SQL Compare with Redgate Data Modeler
By Steve Jones
Redgate recently released SQL Compare v16, which included a new feature to work with...
Who’s the Winningest Coach (with AI Help)
By Steve Jones
I was listening to the radio the other day and the hosts were discussing...
Learning from Mistakes: T-SQL Tuesday #194
By Steve Jones
We’re a week late, once again my fault. I was still coming out of...
Forums
What is Page Density
Comments posted to this topic are about the item What is Page Density
T-SQL in SQL Server 2025: Fuzzy String Search II
Comments posted to this topic are about the item T-SQL in SQL Server 2025:...
Azure-SSIS, Self-Hosted Integration Runtime, & Data Gateway?
Looking to confirm my understanding of these three products and how they can be...
Question of the Day
What is Page Density
In SQL Server, there is a concept of page density. This is determined by how much data is stored on each page. What is a page density of 90%?
See possible answers