This article gives an overview of column level SQL Server encryption using examples.
Read more »
Security
Encrypting passwords with Python Scripts in SQL Notebooks of Azure Data Studio
January 6, 2020This article explores the Python scripts for encrypting and decrypting passwords in SQL Server using Azure Data Studio SQL Notebooks.
Read more »
SQL Injection: Introduction and prevention methods in SQL Server
December 25, 2019A SQL injection attack is one of the most commonly used hacking techniques. It allows hacks to access information from a database that is otherwise not publically accessible.
Read more »
Dynamic Data Masking In SQL Server
October 15, 2019Security has been one of the prime concerns of database developers since the inception of database management systems. Various data protection schemes have been introduced to provide secure access to sensitive data.
Read more »
Enforce SSL connections in AWS RDS SQL Server
October 7, 2019This article explores a method to enforce SSL for all connections in AWS RDS SQL Server.
Read more »
Database Level DDL Triggers for Views, Procedures and Functions
October 4, 2019In this article, we will un-riddle the ways to make use of the data definition language trigger (DDL Trigger), in order to monitor the progressions made to the database programming objects, View, Procedure or Function with a few real-time examples.
Read more »
Database Level DDL Triggers on Tables
September 23, 2019This article portrays the different utilization of database DDL Triggers for the Tables with a counting mail alert on schema composition using DDL (Data Definition Language) standard. Using that efficient method we can keep close eyes on monitoring schema changes in any database of SQL Server. We’ll also see how we could monitor these movements and send an alert email to persons responsible to inform about this change.
Read more »
Recover a lost SA password
September 20, 2019In this article, we will review how to recover SA password by starting SQL Server in single user mode when you forget “sa” credentials or lose the access to the instances due to the following reasons:
Read more »
Move or copy SQL Logins by assigning roles and permissions
September 13, 2019This article speaks to, how to copy SQL Logins on the new server with Server Level roles and database-level permissions as existing Source to Destination SQL Server instance using a script.
Read more »
Limit SQL Server Login Authentication scope using a Logon Trigger
September 13, 2019This article contains the SQL Server login Authentication scope on the Security side. We will find the subtleties, how Login Authentication extension can be controlled SQL Server level Logon trigger.
Read more »
SQL Injection: Detection and prevention
August 30, 2019Summary
With an understanding of what SQL injection is and why it is important to an organization, we can shift into a discussion of how to prevent it. We ultimately want systems where SQL injection is impossible or very difficult to pull off. We then want systems where exploiting bugs is slow, laborious, and likely to raise monitoring alarms within an organization when attempted. The trio of layered security, prevention, and alerting can provide an immense advantage against not only SQL injection, but other data security threats.
Read more »
SQL Injection: What is it? Causes and exploits
August 30, 2019Summary
Many security vulnerabilities are discovered, patched, and go away forever. Some linger and continue to plague software development and will continue to do so for years to come. Setting aside social engineering and non-technical attacks, SQL injection remains one of the top security threats to our data, as well as one of the most misunderstood.
Read more »
Vulnerability Assessment and Advanced Threat Protection in Azure SQL Database
June 17, 2019In today’s time where data breaches are highly expected to happen, there is a high need to ensure sensitive data in the Azure SQL databases is secured and which is why data security implementation is gaining momentum across each community. We covered one of the features of Advanced Data Security here in Advanced Data Security in Azure SQL Database – Data Discovery & Classification. Let’s dive further into the other two features that Azure SQL offers with this capability in this article.
Read more »
Advanced Data Security in Azure SQL Database – Data Discovery & Classification
June 17, 2019Azure SQL supports in building and managing wide range of SQL databases, tools, frameworks etc. on the cloud. Organizations are drifting towards Azure SQL because of its obvious advantages over on-premises SQL Server and are generating, exchanging and storing data at an exponential rate on Azure. It becomes essential to safeguard, monitor our sensitive data and get alerts on anomalous activities else companies may come under fire for letting data leak and hacked.
Read more »
Certificate Management in SQL Server 2019
May 31, 2019Introduction
Certificate Management in SQL Server 2019 has been enhanced a lot when compared with previous versions of SQL Server, and it is part of a large set of new features and enhancements in SQL Server 2019. The most significant enhancement is that that it now allows you to directly import SSL/TLS certificates into SQL Server, thus simplifying the entire process a lot.
Read more »
User Security and Risks to Azure Costs
May 16, 2019We’ve looked at both the organization and development side of managing Azure costs. One risk we have is attackers who compromise an account and mis-scale resources (such as scaling up), driving up our costs. Another scenario is attackers scaling resources too low that affects client’s ability to do their work (performance problems) – a separate risk that may result in lower costs on the cloud side, but higher costs against our reputation. A third risk is reconnaissance of our Azure use: this allows the attackers to get information about our design and later make a wide range of attacks that will appear as normal to us – in this case, Azure costs may be only one of the impacts with other impacts being as severe.
Read more »
Azure Costs Tracking with Security and Design Considerations
April 30, 2019Azure costs can quickly mount, without careful supervision and management. This article will detail cost mitigation strategies using security and design
Read more »
PowerShell encrypt password techniques for SQL Server
April 18, 2019Challenge
Automating SQL Server tasks with PowerShell can increase productivity and save time, but how do use PowerShell encrypt password techniques to avoid saving them as plain text. This article will show you how.
Read more »
DevSecOps: Developing with Automated Security Testing
March 6, 2019A key component of DevSecOps and identical to running unit tests to validate code after a build, running automated security testing after an application has been deployed (such as automated penetration tests) can provide us with a tool that identifies security risks. As we’ve seen recently, there’s been a growth of many companies experiencing information being compromised and with the development culture of “move fast and break things”, I expect this trend of successful attacks will continue. Before we look at our options for automating this testing, we want to be aware of its limits, evaluate the requirements, and consider common designs that are useful.
Read more »
How to Programmatically Pass Credentials in an Embedded Power BI Report
November 20, 2018In the article, How to embed a Power BI Report Server report into an ASP.Net web application, we looked at available options for embedding a Power BI Report Server report into an ASP.NET web application. Since the publication of the article, I have received several questions relating to how one goes about programmatically passing credentials for report server connection within an embedded Power BI Report Server report. The simple answer to such questions is that it is currently not possible to implement user impersonation in an embedded Power BI Report Server. However, like in most scenarios, there are workarounds that one could temporarily employ – at least until Microsoft comes up with a permanent solution to what is becoming a top requested feature at ideas.powerbi.com.
Read more »
How to secure Reporting Services with Group Managed Service Accounts (GMSA)
November 7, 2018In this article, we will explore the functionality to secure reporting Services with Group Managed Service accounts ( GMSA)
Read more »
SQL data classification – Add sensitivity classification in SQL Server 2019
October 31, 2018SQL Server 2019 offers powerful new features to help in safeguarding your data and complying with various privacy regulations, which we’ll be covering in this article
Read more »
Considerations and concerns when setting up Database mail for SQL Server
August 31, 2018Database mail is widely used by DBAs and companies around the world and is one of the features of SQL Server that can be very important for startups. That is because it is a cheap solution for getting alerts from your SQL Server for potential hardware issues, early warning signs of corruption, along with potential resource constraints. However, it can be misused or pose potential security issues. Before we start, to my myself clear I am in favor of configuring Database mail for the DBA team when done properly. In the rest of the article, we will touch on some of the common mistakes people make with database mail and their SQL Servers. We will not discuss the setup of this feature as it was well documented by Bojan Petrovic on SQLShack.
Read more »
Is SQL Server Always Encrypted, for sensitive data encryption, right for your environment
July 27, 2018So, your manager wants you to figure out how to encrypt sensitive Data? Well, Microsoft has introduced a fairly easy way to configure feature called Always Encrypted. Read more »
SQL Server security considerations with open source tools
June 21, 2018As our company has grown, we’ve recently added developers to our team who want to use open source tools (open source languages and libraries). In the past, we built and used our own custom libraries, but our new developers to prefer to use open source libraries or add new languages that require new libraries. We’re concerned that the use of open source libraries may not be secure and may introduce new inputs and outputs in our system that we don’t fully understand. What should we consider when we think about allowing open source software, tools or languages in our environment from the standpoint of security? Read more »
