We are solidly in the age of the data breach, and companies are justifiably nervous. But not nearly nervous enough. “As with any security issue, a full review of all companies, systems, third-party applications and related IT solutions must be completed before final determinations can be made.”
Tag: Security
Restrict the usage of a SQL Server Authenticated Application Id
SQL Server login ids may not be the most secure thing in the world but they are likely to be around for quite a while and one of the more common uses of them is as an application id. An application uses a SQL Server id to connect to SQL and then controls its own…
Quiz: How well do you know security best practices?
Check out our new quiz. Quiz #3: How well do you know security best practices? In case you missed any of our previous quizzes, they can all be found here: All Quizzes.
I’m the new DBA, and I’m locking down development servers
Many times, I’ve started with a company as one of their first, if not the first DBA. They’ve acquired enough servers now, with enough data moving around, that they just can’t continue as they are. There’s no shortage of developers who can write stored procedures or SSIS packages, or to write a new page for…
5 Tips for Friday: Security
Today I am starting a new series called 5 Tips for Friday. Every Friday, I will post 5 best practice tips for a particular subject. For the inaugural 5 Tips for Friday, I am going to post tips about Security. Don’t use impersonation: Unfortunately, some people think that the recommendation to use Windows authentication means…
Why is a Windows authenticated login more secure than a SQL authenticated one?
I had this question come up at work the other day and while I knew it was true I wasn’t as sure about why as I’d like. The person I was working with wanted a real answer, not just “Because I say so,” so off to the internet I went. What I knew before I…
What Really Causes Performance Problems?
Every IT shop has its problems with performance: some localized, and some that span a server, or even multiple servers. Technologists tend to treat these problems as isolated incidents – solving one, then another, and then another. This happens especially when a problem is recurring but intermittent. When a slowdown
Is it safe to grant Administer Bulk Operations?
First I guess we had best start with definitions right? The permission Administer Bulk Operations and the role bulkadmin are required (one or the other) to perform bulk imports. Nothing more, nothing less. There is a really nice comparison of the two here. So as with all permissions we only grant them if there is…
Do You Trust Your Application Admins?
I was sitting at my desk, happily minding my own business when an alert came through that a database backup had failed. Ok, backups fail, I just figured one of the transaction log backups hiccupped (we’ve been having some problems the last few days). When I looked at the failure it was a backup trying…
Keeping Track of Details
After creating a few new SQL accounts this morning, I thought I would share how I keep track of minor details like this. We use SharePoint for our department to track documents, procedures, processes, etc. This is a great place to track minute SQL Server details like accounts and databases. For example, we have over…