Sensitive Data Must Be Encrypted
The title of this post pretty much says it all. If you store sensitive data in a database you have to work under the assumption that someone is going to try and break into the system and steal that data. Thinking otherwise simply isn’t responsible as the developer and/or administrator of the system. By not […]
Why is SQL Injection still a problem?
SQL Injection is probably the most popular attack vector for hackers when they attempt to break into databases. The reason for this is that it is so easy for an attacker to gain access to the system, and typically to get pretty high level permissions to a database engine so that they can then export […]
Security Sessions at SQL PASS 2012
The SQL PASS session list for the SQL PASS 2012 Summit has been released. This year there are 192 sessions being presented at the SQL PASS summit. Last year at the 2011 summit there were only a couple of sessions on SQL Server Security. This year there are 4 sessions. While this appears to be a […]
SQL Saturday 147 Precon (#sqlsat147)
If you are planning on attending SQL Saturday 147 down in Recife Brazil you would check out my pre-con session being held on August 24th. In this session I’ll be talking about all of the High Availability options which are available for SQL Server 2012. I will be talking about AlwaysOn Availability Groups, Clustering, Database […]