No Defaults Passwords Ever
Steve doesn't see a reason why we should have default passwords on systems ever.
2026-01-17
62 reads
Security
Minimally Viable Security
Today Steve talks about the need for a basic level of security in our software.
2026-01-05
72 reads
SQL Server DBaaS Vulnerability: Decrypting System Code & Exfiltrating User Data
Security in cloud environments is both challenging and fascinating, particularly for Database-as-a-Service (DBaaS) offerings like Amazon RDS, GCP CloudSQL and Alibaba ApsaraDB RDS. The cloud vendor acts as the system administrator, managing the operating system, patching, and backups, while the user manages their data and databases.
2025-12-03
2025-10-15
108 reads
The Security of Old Tech
Older technology can introduce security issues, along with performance ones. Keeping your systems somewhat up to date is important for security.
2025-09-12
70 reads
Password Guidance
Passwords are essential and also a problem in many organizations. Guidance has changed over the years and Steve has a few thoughts on what's recommended today.
2025-09-10
133 reads
Zero-Trust Architecture for Cloud-Based AI Systems
Zero-Trust Architecture (ZTA) emerges as a strong security paradigm for cloud-based AI systems, fundamentally operating on the principle of “never trust, always verify.” Unlike conventional security models, ZTA assumes potential compromise exists within the network and requires continuous verification of every access request regardless of origin.
2025-07-09
Cloning Master Admin User Permissions in Amazon RDS for SQL Server with Fine-Grained Control
This article explores how to securely clone the master user permissions in Amazon RDS for SQL Server using a custom stored procedure, usp_rds_clone_login. It outlines a step-by-step process to generate, review, and apply a script that replicates server- and database-level access from the master user to a new login without directly exposing elevated credentials. The guide emphasizes the principle of least privilege, supports named account management, and enables transparent, auditable permission handling for DBAs and applications. Designed for secure and scalable environments, this solution enhances operational security while maintaining administrative flexibility in Amazon RDS.
2025-07-09
680 reads
Are Data Breaches Inevitable?
Steve examines the idea that we might all have a data breach at some point.
2025-05-16
88 reads
More Supply Chain Attacks
Code is vulnerable to supply chain attacks, which aren't something many of us think about.
2025-03-21
107 reads
Blogs
Claude Code Helps Analyze Test Data Manager Log Files
By Steve Jones
I had a customer ask about analyzing their Test Data Manager (TDM) usage to...
PowerPoint to HTML with Claude AI
By Steve Jones
I had an idea for an animated view of a sales tool, and started...
Don’t Miss Out – SQL Server Query Tuning Fundamentals Starts Next Monday!
Next Monday, February 9, 2026, my one-day live online training SQL Server Query Tuning...
Forums
Why the following cmds in sequence do not work
I need to delete rows from both the temporal main and history tables. The...
When SQL Server Central Went Down
Comments posted to this topic are about the item When SQL Server Central Went...
The String Distance I
Comments posted to this topic are about the item The String Distance I
Question of the Day
The String Distance I
In SQL Server 2025, what is returned by this code:
SELECT EDIT_DISTANCE('tim', 'tom')
Assume preview features are enabled. See possible answers