SQL Server and SOX

The Sarbanes-Oxley act has changed many IT jobs, usually requiring more work and documentation. Johan Bijnens brings us a list of some things his team has had to do to comply with SOX regulations.

Stop SQL Injection Attacks Before They Stop You

This article discusses: How SQL injection attacks work, Testing for vulnerabilities, Validating user input, Using .NET features to prevent attacks, and Importance of handling exceptions

SQL Server patch pros and cons

A patch to your SQL Server system can cause problems, but an unpatched SQL Server is unprotected. Learn the pros and cons of SQL Server patches.

An Auditing Solution with XML And XSL

Auditing is something that almost every DBA needs to tackle at some point in his or her career. David McKinney brings a new twist on the solution by using XML and XSL to help implement auditing in your SQL Server application.

Data Security: Stop SQL Injection Attacks Before They Stop You

This article discusses: How SQL injection attacks work, Testing for vulnerabilities, Validating user input, Using .NET features to prevent attacks, Importance of handling exceptions

A Simple Approach to SQL Server 2005 Encryption

SQL Server 2005 has added encryption capabilities to the platform, much to the delight of many DBAs. However setting up encryption can be confusing and difficult for most DBAs. New author Mike Good brings us a perspective from someone who is brand new to this set of features and has spent time working through the functions and documenting them for the rest of us.

SQL Server Password Management:

Improving SQL Server password management includes thorough password testing and securing SQL Server installations beyond the main database server.

You have just removed the builtin/Administrators group from...

Temporarily Changing an Unknown Password of the sa Account

You are asked for the sa password for a SQL Server in order to perform a software upgrade. You, the DBA, don't know the password and it's not documented. Rodney Landrum provides a way out of this dilemma, demonstrating two techniques for temporarily changing the password, and then returning it to its previous unknown value.

Encryption: Not the End-All Fix for Data Privacy

Many state data-breach laws exempt encrypted data from PR-nightmare public-notice requirements, but don't let that fool you into thinking it's an easy answer to the data privacy challenge. Here's the lowdown on loopholes, caveats and options to consider when applying encryption.