THE SQL Server Blog Spot on the Web

Welcome to SQLblog.com - The SQL Server blog spot on the web Sign in | |
in Search

Browse by Tags

All Tags » Security » SQL Server   (RSS)
Showing page 1 of 2 (13 total posts)
  • Schemas as Security Boundaries

    There was a question yesterday on Twitter (hashtag #sqlhelp) wondering how to let developers create stored procedures and then grant the rights to those procedures to other people. I believe that question got answered, but it also brought up the subject of Schemas, which I've blogged about before. Schemas can act both as a container and a ...
    Posted to Buck Woody (Weblog) by BuckWoody on August 3, 2010
  • Don’t mess with the system databases in SQL Server, or Error: 916

    Note: If you’re reading this more than a few months away from July of 2010, do more research. Never trust an old blog as gospel on anything, including my entries. Always refer to Books Online for the authoritative answer, and if it’s wrong, file a bug against it using the “Feedback” Button.   It kinds of goes ...
    Posted to Buck Woody (Weblog) by BuckWoody on August 2, 2010
  • The TechNet Wiki and Updated Security Checklists

    You're probably familiar with a Wiki - a document set that anyone can edit. Did you know TechNet (Microsoft's source for technical professionals) has one? And did you know there are lots of folks keeping it up to date? Well, Rick Byham, one of my friends over in the SQL Server group has posted a bunch of security checklists - and you know how much ...
    Posted to Buck Woody (Weblog) by BuckWoody on July 27, 2010
  • A strategy for managing security for different environments using the Database Development Tools in Visual Studio 2010

    Intro Of late I have been getting down and dirty with the Database Development tools in Visual Studio 2010. You may know this feature set by one of the plethora of other names it has had over recent years such as: Visual Studio Team System for Database Professionals DBPro Datadude For the rest of this post I’ll stick with the colloquial ...
    Posted to Jamie Thomson (Weblog) by jamiet on July 21, 2010
  • Cross-Pollination

    I was reading this post on J.D. Meier's Blog, which deals with the “cloud” (I really dislike that term). You might wonder what that has to do with SQL Server, since it isn’t specifically about SQL Azure. I’ll come back to that in a moment. I play a little music now and then, on the keyboards and with a guitar as well as the mandolin and banjo. ...
    Posted to Buck Woody (Weblog) by BuckWoody on July 13, 2010
  • Security Goes Underground

    You might not have heard of as many data breaches recently as in the past. As you’re probably aware, I call them out here as often as I can, especially the big ones in government and medical institutions, because I believe those can have lasting implications on a person’s life. I think that my data is personal – and I’ve seen the impact of ...
    Posted to Buck Woody (Weblog) by BuckWoody on April 22, 2010
  • Backup those keys, citizen

    Periodically I back up the keys within my servers and databases, and when I do, I blog a reminder here. This should be part of your standard backup rotation – the keys should be backed up often enough to have at hand and again when they change. The first key you need to back up is the Service Master Key, which each Instance already has built-in. ...
    Posted to Buck Woody (Weblog) by BuckWoody on April 20, 2010
  • Have you backed up your keys lately?

    Did you know that you already have a Server Master Key (SMK) generated for your system? That’s right – while a Database Master Key (DMK) is generated when you encrypt a certificate or Asymmetric Key with code, the Server Master Key is generated automatically when you start the Instance. So you should back all of those keys up periodically, and ...
    Posted to Buck Woody (Weblog) by BuckWoody on March 1, 2010
  • Transparent Data Encryption and the Latest Data Breach

    Well, It’s happened again. Hundreds of thousands of private records were stolen from a database. This one, however, was different. No one stole any passwords, no one did any social engineering, nothing was captured in-line. No, this one was accomplished by stealing the actual hard drives themselves!  When a thief breaks in and steals hard ...
    Posted to Buck Woody (Weblog) by BuckWoody on February 1, 2010
  • Encrypt it in .NET/Decrypt it on SQL Server?

    A common question on the newsgroups is ''how do you encrypt data in a .NET [or other] client application and then decrypt it on SQL Server [or vice versa]?'' I actually ran down my list of answers to someone who asked this in the newsgroups a few weeks ago. I won’t get into the details, but the answers all pretty much say the same thing -- ...
    Posted to Michael Coles: Sergeant SQL (Weblog) by Mike C on January 29, 2010
1 2 Next >
Powered by Community Server (Commercial Edition), by Telligent Systems
  Privacy Statement