Encryption Leaks
I thought this was a rather amazing fact, though I'm not surprised by it. People that partially encrypt their disks, say for example the "My Documents" folder only,might have data leaking from the encrypted disk to the unencrypted disk.
How? It's mainly because of mainstream application such as Word and Google Desktop using temporary storage on other, unencrypted parts of the disk. That makes perfect sense if you think about it, after all, these applications need to create temporary versions while you're working, and they're not aware of encryption. Most likely if you use partial disk encryption, you should be sure that you encrypt the "temp" directories that your applications use.
This had me slightly worried about SQL Server, after all, it has a new Transparent Data Encryption feature that encrypts your database on disk. It does not require any changes to your applications, but SQL Server definitely uses temporary space (in tempdb) and things are unencrypted in memory.
However the SQL Server team has done some work to prevent issues here. Once you encrypt a database, any database, tempdb is also encrypted. This means that temporary workspaces in that database are protected, however all databases on the instance have an encrypted tempdb. Something to consider if you have heavy tempdb usage in some databases. The other thing is that the log is encrypted from that point forward, so if you enable encryption, you might want to immediately back up the log so that there isn't any more unencrypted data in there.
Web 2.0 Development
I was a little surprised by this article on web 2.0 development lessons because it seems as though these are basic agile development things that many groups are implemented. Working closely with customers, releasing often and keeping things small and simple are tricks that I'd expect most developers to be implementing.
To be successful in today's very fast paced world, an IT group needs to respond quickly to changes and be as flexible as possible. The days of large monolithic releases based on a waterfall development cycle should be behind most development shops.
Either InfoWorld is behind the times or these ideas aren't as widely spread as I thought. I'm hoping it's the former.
Steve Jones
Steve's Pick of the Week
Triggers... Evil? An interesting blog post that looks at some of the reasons why you need triggers and why not to use them. Personally I avoid them if at all possible.
The Voice of the DBA Podcasts
The podcast feeds are now available at sqlservercentral.podshow.com to get better bandwidth and maybe a little more exposure :). Comments are definitely appreciated and wanted, and you can get feeds from there.
or now on iTunes!
- Windows Media Podcast - 27.4MB WMV
- iPod Video Podcast - 21.4MB MP4
- MP3 Audio Podcast - 4.4MB
Today's podcast features music by Incompetech. Kevin Macleod has some great compositions in all genres of music. Check him out at www.incompetech.com.
I really appreciate and value feedback on the podcasts. Let us know what you like, don't like, or even send in ideas for the show. If you'd like to comment, post something here. The boss will be sure to read it.