THE SQL Server Blog Spot on the Web

Welcome to SQLblog.com - The SQL Server blog spot on the web

Browse by Tags

All Tags » Security
Showing page 3 of 5 (42 total posts)
  • Case Study: Secure Log Shipping via SSL FTP

    Today I’m putting up sort of an oddball solution I built a couple of months ago. We had the need to provide a reporting copy of some production databases for analysts to do ad-hoc reporting. The trick was that we needed to move the databases from a less secure location into a more secure location, with an untrusted domain boundary and a firewall ...
    Posted to Merrill Aldrich (Weblog) by merrillaldrich on May 19, 2011
  • If you disable the guest user, please read this!

    As a matter of security, it is typically recommended to disable the guest user account across your user databases. For system databases, of course you have a tough time disabling guest access for tempdb and master, which are peripherally required for a lot of different types of activity. You have probably felt quite confident in disabling guest ...
    Posted to Aaron Bertrand (Weblog) by AaronBertrand on April 29, 2011
  • SQL Server v.Next (Denali) : More on contained databases and "contained users"

    One of the reasons for contained databases (see my previous post) is to allow for a more seamless transition when moving a database from one server to another.  One of the biggest complications in doing so is making sure that all of the logins are in place on the new server.  Contained databases help solve this issue by creating a new ...
    Posted to Aaron Bertrand (Weblog) by AaronBertrand on December 10, 2010
  • Watch out for old stuff

    No, I'm not referring to me, I'm referring to options, config values and such which should really have been removed from the product a long time ago. I was reading a recent blog from Jonathan Kehayias and realized how much old stuff is still visible one way or the other in the product. There are of course commands which have more ...
    Posted to Tibor Karaszi (Weblog) by TiborKaraszi on September 15, 2010
  • A strategy for managing security for different environments using the Database Development Tools in Visual Studio 2010

    Intro: Of late I have been getting down and dirty with the Database Development tools in Visual Studio 2010. You may know this feature set by one of the plethora of other names it has had over recent years, such as: Visual Studio Team System for Database Professionals, DBPro, Datadude. For the rest of this post I’ll stick with the colloquial ...
    Posted to Jamie Thomson (Weblog) by jamiet on July 21, 2010
  • Bad habits to kick : ignoring the principle of least privilege

    In my last post in this series, I talked about ''blind SQL Server installs'' and some of the potential consequences of making uninformed choices during setup (or of just accepting all of the defaults).  Today I wanted to touch on security a bit. I frequently see cases where we put too much trust where we shouldn't.  In the real world, ...
    Posted to Aaron Bertrand (Weblog) by AaronBertrand on February 12, 2010
  • Using sa as owner for jobs and databases

    This blog is not about avoiding logging in using the sa login. Hopefully we all know about this, and work towards avoiding this practice. Instead I want to talk about using sa, but not to login (authenticate), but as owner for jobs and databases. I want to keep these things de-individualized - so we avoid things like person A leaving the company and ...
    Posted to Tibor Karaszi (Weblog) by TiborKaraszi on December 30, 2009
  • Trick Question -- Part Trois

    This is the third part of a series (Part 1, Part 2) thinking out loud about the decision making around data access for applications. Once you've considered how tightly bound your application code can safely be to tables, I would like to put two related thoughts out there. First, it's counterproductive, over the long term, to think of only the ...
    Posted to Merrill Aldrich (Weblog) by merrillaldrich on November 16, 2009
  • Fifth pillar - Secure

    As I have mentioned in all of the previous posts, basic functionality is the foundation of any system. So it goes without saying that if you have just implemented a payroll system, everyone is getting paid.  To meet the basic bar that EVERYONE agrees upon, to be useful things have to work. Frankly, this is generally the only criteria which ...
    Posted to Louis Davidson (Weblog) by drsql on October 6, 2009
  • SQL Server Agent jobs and user contexts

    In what user context does a job run? I recently found myself in a forum discussion and gave my stock reply, later realizing that I haven't actually tested this for a long time (I used to demo this in class during 6.5 courses - when we actually had time for slight diversions). Let's start with my assumptions: Job owned by sysadmin, TSQL ...
    Posted to Tibor Karaszi (Weblog) by TiborKaraszi on September 19, 2009