Tag Archives: security

Hacked

Hacked By Steve Jones, 2013/01/02 This editorial was originally published on Jan 2, 2013. It is being rerun as Steve is out of the office. I’ve been hacked before. My personal web site has been hacked with a variety of … Continue reading

Posted in Editorial | Tagged | 1 Comment

I Hate To Send This Email

I use TrueDelta to report my car status every month. It’s a nice service, allowing car owners to see what experiences others have, and think about which models and years might be a good fit for me. I’ve tracked multiple … Continue reading

Posted in Editorial | Tagged , | Leave a comment

The Secure Medical Data Challenge

Securing our databases and preventing the release of information our organizations have collected is an ongoing job for many of us. We patch our systems, ensure that our logins and users are granted just a few rights, encrypt data and … Continue reading

Posted in Editorial | Tagged | Leave a comment

Why Devops? For Better Security

The ideas of DevOps are a mixture of principles, ideas, recommendations, tools, processes, attitudes, and more. There isn’t any  one way to implement a DevOps process, and plenty of people have been working in what many would consider a DevOps … Continue reading

Posted in Editorial | Tagged , | Leave a comment

Let NonAdmins Get Logins

I saw a question recently about how to allow some users to see the logins on a server without being a sysadmin or securityadmin. This was in support of a migration effort, so users needed read rights without being able … Continue reading

Posted in Blog | Tagged , , | Leave a comment

Using a DMK in TDE

When you setup TDE, you need to create a DMK (Database Master Key) in the master database if one doesn’t exist. This key forms the basis of a chain of protection for your data inside of the SQL Server instance. … Continue reading

Posted in Blog | Tagged , , , | Leave a comment

What’s a Database Encryption Key (DEK) in TDE

The encryption mechanisms in SQL Server are interesting, and they work well, but they are somewhat poorly named. I ran across a few people struggling to understand, so I decided to cover the concepts in a series of posts. This … Continue reading

Posted in Blog | Tagged , , , | 1 Comment

Delaying Patches is Problematic

I was listening to a DevOps podcast from Josh Corman, of Rugged Software. Rugged Software aims to improve security by asking developers and sysadmins to adhere to their manifesto, which recognizes both the importance of software in the modern world, … Continue reading

Posted in Editorial | Tagged , | Leave a comment

Do I have a Database Master Key in a database? #SQLNewBlogger

Another post for me that is simple and hopefully serves as an example for people trying to get blogging as #SQLNewBloggers. How can I tell if I have a Database Master Key in a database? It’s actually easy. I query … Continue reading

Posted in Blog | Tagged , , , | Leave a comment

Securing Your Instances

I wrote a post about finding the port number of a SQL instance using PowerShell. Almost immediately I was taken to task by someone that noted port scanners can easily find SQL ports, so it’s silly to move off 1433. … Continue reading

Posted in Editorial | Tagged , | Leave a comment