Category: Security
-
Zero Trust Security from the Database Perspective
I bet that by now, pretty much everyone has heard about Zero Trust Security. And for a good reason too, as security is undoubtedly the one topic that should be everyone’s concern. While the topic is already quite thoroughly discussed in many sources, I wanted to take a look at how Zero Trust Security implementation…
-
Quick way to do security check for SQL Server database(s)
I previously wrote about Azure Defender for SQL that brings some remarkable security capabilities to your cloud-based SQL Server estates. And while you can also get some of that goodness to your on-premises servers, sometimes you just don’t need all that comprehensive solution. Well, I have good news for you. There’s also a quick and…
-
Do you know how many different types of users there are in SQL Server?
The answer to this question is not 2, happy and unhappy users. This time we’re discussing security, not the end user experience of your perfectly tuned databases. I was recently having a discussion around SQL Server security, more specifically about the logins and user. The question I was asked after going through couple examples was,…
-
How to give everyone in Azure access to your database, the easy way
Sometimes I run into things in cloud that really just blow my mind away. Not that long ago I learned how you can give everyone in Azure, no matter what subscription or region they are in, an access to your database. And it was super easy too. It’s just one click to allow whole (Azure)…
-
SQL Server 2019 security improvements: Feature Restrictions
Very recently I was working on a customer databases, when I more or less stumbled on a something I had not noticed before. Apparently at some point the latest version of SQL Server (I was working with Azure SQL DB) had a new security enhancement added into it called Feature Restrictions. As this was something…
-
Hiding (mostly) in plain sight: Dynamic Data Masking
One of the more recent additions to SQL Server security features is the Dynamic Data Masking (DDM), included with the 2016 version. Like the Transparent Data Encryption I blogged about recently, DDM is a feature that is relatively easy to implement, and doesn’t require a lot of changes to the application. And just like pretty…
-
Protecting Data at Rest: Transparent Data Encryption
I recently read an article which stating that since the GDPR came in force, there has been 59,000 data breaches reported in the EU. I must admit, that while I did anticipate that we’d see a surge in these numbers, due to reporting requirements in the legislation. I really did not expect the numbers to…