First, I guess we had best start with definitions, right? The permission Administer Bulk Operations and the role bulkadmin are required (one or the other) to perform bulk imports. Nothing more, nothing less. There is a really nice comparison of the two here. So as with all permissions we only grant them if there is…
Category: Security
Do You Trust Your Application Admins?
I was sitting at my desk, happily minding my own business when an alert came through that a database backup had failed. Ok, backups fail, I just figured one of the transaction log backups hiccupped (we’ve been having some problems the last few days). When I looked at the failure it was a backup trying…
Keeping Track of Details
After creating a few new SQL accounts this morning, I thought I would share how I keep track of minor details like this. We use SharePoint for our department to track documents, procedures, processes, etc. This is a great place to track minute SQL Server details like accounts and databases. For example, we have over…
How Do You Provide Passwords To Your Users?
Passwords are a necessary evil and there are times when you have to hand out a password for a SQL login (because the POS application doesn’t support Windows Authentication). Traditionally I’ve done this by sending an email to the user with the login and a separate one with the password, figuring that internal security controls…
AD Accounts Are Great, But…
Using Windows Authentication for your database is a great best practice to follow. However, there is one caveat to remember, as one of my administrators found out today: do not use that account as a login if it is also the account you use for your database. We set up an AD account for his database, that part…
Good Best Practice Advice from the Pensacola Pre-Con, Round Two
Yesterday, I wrote about some advice that I received at the pre-con titled “Demystifying Database Administration Best Practices” which was presented by Microsoft Certified Masters Robert Davis (twitter|blog) and Argenis Fernandez (twitter|blog) from SQL Saturday #132 in Pensacola, Florida. Here are some more gems: Instant File Initialization is critical for performance, read more from Kimberly L. Tripp (twitter|blog). If you…
Good Best Practice Advice from the Pensacola Pre-Con
For my first blog about SQL Saturday #132, I wanted to review some of the good advice I received from the pre-conference training on Friday prior to the event. The pre-con titled “Demystifying Database Administration Best Practices” was presented by Microsoft Certified Masters Robert Davis (twitter|blog) and Argenis Fernandez (twitter|blog). Some of these I knew, some…
Hardening SQL Server
My new article for SQL Server Magazine on Hardening SQL Server has been posted online and will appear in an upcoming print issue. This article is a brief explanation of how to secure SQL Server against malicious attack or invasion. This article can serve as a guide for preventing your SQL Servers from being compromised.…
Fun With Windows Logins In SQL
Sometimes you come across quirkiness when playing with SQL Server. Once in a while those things are related to security. This happens to be one of those times. Release My Code I was provided with a script by the dev team to create a new proc and grant permissions on that proc to a Windows…