The first event I ever spoke at was SQLSaturday in Madison, Wisconsin, back in 2012. I was petrified – would anyone want to hear someone talk about normalization? Especially when that someone was pretty much unknown outside of his city? Long story short, yes, they did. I didn’t have a large crowd, but it was […]
Defending your data
Which of these is more secure? It’s a trick question – the correct answer is “neither”. Both castles and vaults have their strengths. Castles are built to withstand large-scale assaults and sieges, but an individual has a good chance of getting inside. Conversely, a vault effectively protects its contents against break-ins by individuals or small groups, […]
Security VC Webinar: TLS 1.2 and SQL Server
The PASS Security virtual chapter hosted a great webinar on Thursday. Amit Banerjee from Microsoft’s SQL Server Tiger Team (b|t) spoke about upgrading our SQL Server instances to use TLS 1.2, including many pitfalls that are frequently encountered. We’re all familiar with SSL – we use it every day without even thinking about it. It’s […]
The SQL Server Security Model, Part 1: Logins [Foundations Friday]
How secure are your databases? No, not your network. Just your databases. If your company is like most, the strongest security has been placed around the outside of your network, at the perimeter. Not all threats come through the front door, though. An increasing number of breaches occur because a hacker found a way around the perimeter […]