Monday Monitor Tips: CIS Compliant

A new feature added to Redgate Monitor Enterprise automatically. CIS compliance is something many enterprises think about as their auditors use this as a benchmark.

If you’ve never looked at the Center for Internet Security, you ought to glance at them, and check out the benchmarks they have for many systems.

This is part of a series of posts on Redgate Monitor.

The CIS SQL Server Benchmark

You might get asked by an auditor how you know your SQL Server estate is secure. There are lots of things you can do, but an easy one is being CIS compliant. There are benchmarks from CIS for many SQL Server versions. You can download the benchmark from CIS as a PDF, go through it, and then start to compare that to your SQL Server instances.

That’s not complex, but it is complicated. There are lots of moving parts: where do you keep the benchmark data, how do you compare it to your instances, and how do you ensure it’s up to date or get notified if it’s not?
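
As an added example (not from the original post or from Redgate), this T-SQL shows the manual comparison for a handful of server-level settings, run per instance. The subset of settings and their expected values are assumptions to confirm against the CIS PDF for your version, and the `@exception` table is a hypothetical way to record approved deviations.

```sql
-- Added example: compare running server configuration with a small baseline.
-- Expected values are assumptions; confirm each against the CIS benchmark PDF.
DECLARE @baseline TABLE (
    setting_name   nvarchar(70) NOT NULL PRIMARY KEY,
    expected_value int          NOT NULL
);
INSERT INTO @baseline (setting_name, expected_value) VALUES
    (N'Ad Hoc Distributed Queries',  0),
    (N'cross db ownership chaining', 0),
    (N'Database Mail XPs',           0),
    (N'Ole Automation Procedures',   0),
    (N'remote access',               0),
    (N'xp_cmdshell',                 0),
    (N'default trace enabled',       1);

-- Hypothetical exception register: settings you deliberately run differently,
-- each with the reason an auditor will ask for. Empty by default.
DECLARE @exception TABLE (
    setting_name nvarchar(70)  NOT NULL PRIMARY KEY,
    reason       nvarchar(200) NOT NULL
);
-- INSERT INTO @exception VALUES (N'Database Mail XPs', N'<approved reason here>');

SELECT
    b.setting_name,
    b.expected_value,
    CAST(c.value_in_use AS int) AS running_value,
    CASE
        WHEN c.name IS NULL                              THEN 'NOT FOUND'
        WHEN CAST(c.value_in_use AS int) = b.expected_value THEN 'COMPLIANT'
        WHEN e.setting_name IS NOT NULL                  THEN 'EXCEPTION'
        ELSE 'NON-COMPLIANT'
    END AS status,
    e.reason
FROM @baseline AS b
LEFT JOIN sys.configurations AS c
       -- COLLATE avoids conflicts between tempdb and catalog collations
       ON c.name COLLATE DATABASE_DEFAULT = b.setting_name COLLATE DATABASE_DEFAULT
LEFT JOIN @exception AS e
       ON e.setting_name = b.setting_name
ORDER BY status DESC, b.setting_name;
```

The query reads `value_in_use` rather than `value`, so it reports what the instance is actually running, not a change that is configured but still waiting on `RECONFIGURE` or a restart.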

This is a simple job, but labor intensive, boring, and tedious. There’s a better way.

Redgate Monitor Compliance

We’ve added a compliance section to Redgate Monitor, which I’ve written about in terms of looking for older versions. We have also added a CIS Benchmark template to this section.

At the top of Redgate Monitor, there is a Security section and Compliance is under this.

When I get to the compliance screen, on the right side, I have a drop down for the templates. We’ve pre-loaded the CIS Benchmark in here. I can select that to see how compliant I am.

In this case, I’ve filtered to the SSC servers and when I do that, I see that I’m mostly compliant, but just barely. I say me, but this is our IT group that manages the config.

There is a disclaimer at the top, which you should note. It links here, where the docs note that this is a template that cannot be deleted or changed. It can be duplicated. Note, this is only for SQL Server 2022.

If I click a server, I see the details of where I am and am not compliant. In this case, things like database mail ought to be disabled.

I can’t change things from here, but I can export this as a report and work on remediation. If I want to set a template that is like CIS, but I have a good reason for an exception, such as the Cost threshold for parallelism set to something different, I can duplicate this template and alter it.

Summary

Auditing and compliance are becoming more important at many organizations, especially in light of the many data breaches and other issues that many organizations have experienced. This might even be required by insurance companies who want to ensure that you have not left open configurations that might become attack vectors.

If you haven’t tried the compliance templates in Redgate Monitor, give them a try, or have a play at monitor.red-gate.com.

Redgate Monitor is a world class monitoring solution for your database estate. Download a trial today and see how it can help you manage your estate more efficiently.

Signing off for 2024

Today is really the last day of work for me in 2024. I’ve got some vacation saved up, so I’m heading off next week to enjoy the holidays and catch up on a few chores. Even volleyball will be somewhat suspended, so it will be a nice break.

Happy Holidays and see you in 2025.

Comforting Habits

I was chatting with a friend recently about routines and some of the helpful or silly things we do. I mentioned that when I played adult baseball, we often had Sunday morning games and a routine of mine was to drive to town, stop at a 7-11, and get a large cup of coffee and an apple fritter. It was a comforting habit that I still have today, often stopping when I have a morning flight to do the same thing on the way to the airport.

Only in Denver though, not when I’m flying out of other cities and returning home.

At another job, I rode my bike to work. However, I’d drive Monday morning and leave my car at work, taking it home Friday afternoon. In between I’d commute on a bicycle 10-12 miles each way. On Monday, I’d buy a half dozen bagels for the week, which I’d leave in my office. After riding in and showering, I’d toast a bagel and have that with my coffee. It was a nice way to start the day while I scanned email or had a morning meeting.

Apparently, many of my routines revolve around food.

I have other habits, like waking up and checking my email before doing anything else. Not always, but most days I’ll stir, give up on trying to sleep, and scan email from bed to see what is in store for the day. I don’t always get up and go to work, but I can mentally prepare myself for how the workday will go. I’ve often found this helps me ease the way into the day, and I’m less stressed when I’ve broken the question of the day or had some other issue. I am prepared for what I’ll face in the next hour after relaxing with my wife for a bit longer.

Routines not only bring us comfort, but they ground us in the chaos of the real world. Even if we have lost control of our work, with others pressuring us to meet deadlines or fix a broken system, a routine helps us to react calmly and not panic.

Even during security or failure incidents, which can be very stressful, I’d start the issue with a blank notebook page, writing a few known facts down on paper and starting to think forward as to how I’d manage staff. Often this exercise had me making initial decisions about who would work now and who would go home to come back later and relieve people. This was before I knew the scope or details of the problem. Even though I often had to change my plan, having a plan to change gave me comfort.

Think about the repetitive things you do on a daily or weekly basis. Think about the things you do in response to periodic events. What comforting habits do you have that help you get through the day or just bring a smile to your face?

Steve Jones

Listen to the podcast at Libsyn, Spotify, or iTunes.

Note, podcasts are only available for a limited time online.

My 2024 in Data: Music

This is my last week of the year working (I guess I come back on the 30th for a minute), so I decided to do some analysis of my year. I like data and numbers, so I’m looking at a few aspects of life this year with data I’ve compiled from previous years.

This is the end of the week and I’m looking at music, which is a big part of my life.

Spotify Wrapped

I listen a lot on Spotify. On my phone, in the car, even at my desk. I do some YouTube at times, and I have my local library from days past loaded into the Spotify app, but mostly I’m streaming.

  • Minutes: 36916 (25.6 days)
  • Songs: 3,598
  • Biggest day: 657 minutes (10 hours, flying DEN-LAX-SYD)
  • Ghost in my Guitar most played, 62 times this year
  • Artists: 1536, Zach Bryan being the top one for me (almost 10% of my minutes)
    • #2 – Beatles
    • #3 – Kanye
    • #4 – John Mayer
    • #5 – Linkin Park

When I look back, this is slightly less than last year. About 40 minutes less streaming, about 100 fewer artists, about 200 fewer songs. More repeats.

Interesting that my top artists were similar. John Mayer, Zach Bryan, The Beatles. This year Kanye and Linkin Park replaced U2 and Chris Stapleton. Previous years had Jay-Z, Tupac, and Kenny Chesney in there.

I like to think I explore different music, but not a lot (apparently). I tend to listen to familiar things and keep some playlists around for a long time.

Guitar

Another part of my music is that I play guitar to relax. I keep an acoustic Sweetwater guitar by my bed and will play many nights for a bit to unwind. I love that Redgate has a few in our Cambridge lobby, though they are very cheap, not comfortable ones, but they work.

This year I also bought a Lava Me Play smart guitar in the summer, which I’ve taken on some vacations. It sits by my desk and I’ll take a break and strum something during the day. I haven’t done much with the “smart” features, which helped me learn I really just wanted a second, smaller acoustic.

Top songs I’ve worked on this year (in no order):

  • Mechanical Bull – Zach Bryan
  • 28 – Zach Bryan
  • With or without you – U2
  • 3×5 – John Mayer
  • Jersey Giant – Tyler Childers
  • You’ve Got To Hide Your Love – The Beatles
  • Hallelujah – Jeff Buckley
  • If I Ain’t Got You – Alicia Keys

I’ve done a few more lightly, but these are some I’ve played a lot, a few I’m still trying to get to sound vaguely like something you recognize.

2024 was a fun year of music for me, and I’m looking forward to 2025.
