The security announcements around Azure SQL Database keep coming. Auditing was implemented a few months ago, and today it was followed by a preview of
I’d always wondered why they didn’t make the “ImplyingPermissions” function (code is part of the books online) part of the product. I originally thought it
Just to let you know. The Portland (Oregon) SQL Server User Group has invited me to speak at the meeting on Thursday, Jan 24 at
I recently completed another update to the whitepaper, now entitled "SQL Server 2012 Security Best Practices – Operational and Administrative Tasks" to cover best usage of
… Continued from previous blog entry … The point of using a Server Audit Specification with database events in SQL Server 2012 is this. In
I've always been pretty "standard" in my approach to SQL Server's auditing feature. That is, Server Audit Specifications are for auditing server-level objects and Database
When I installed CTP3 of SQL Server 2012 (on Windows Server 2008 R2 OS), I noticed that the "Service SID account" (known as the Managed
Two of the security features that folks have asked me about, especially since around 2002, is row-level and label security. Row-level security was present in
In doing research for the Service SID posting, I encountered some odd things about service names, service user group names and services. I said I'd
A couple of weeks ago at DevDays Netherlands, I struggled a bit with a demo that was relatively straightforward in SQL Server 2008 running under Windows
I've recently completed an update to the SQL Server 2005 Security Best Practices whitepaper. It's available on the security and compliance website under whitepapers or the
This blog posting is meant to bring attention to the fact that I'm doing a preconference talk, "A Day of SQL Server Security" at TechEd
I really enjoyed speaking at the Portland SQL Server User Group meeting last night about SQL Server security…and I have an update. We were talking about
This month I'll be presenting a session for the Portland SQL Server User Group. I'll be discussing and demonstrating the new security features in SQL Server
Today I came across the new SQL Server 2008 Compliance Portal. This portal has information and links to the new Compliance whitepaper and compliance scripts
For folks that have been asking…my latest whitepaper "SQL Server 2005 Security Best Practices – Operational and Administrative Tasks" was posted on the Technet website
When installing previous versions of SQL Server, I'd always keep a list of the exact privileges that a SQL Server service account would need. I'd
Today was the first of my two presentations as part of the TechNet Webcast Series for the ITPro, about SQL Server 2005 security. The session
I've always been slightly puzzled by the permission "EXECUTE" on an XML SCHEMA COLLECTION. Say I have an XML SCHEMA COLLECTION named MySchemas and a table
Dynamic SQL executed in a stored procedure executes by default using the security context of the CALLER of the procedure rather than the OWNER. That's
Service Broker security is the subject of confusion even among people who think they know how it works. Some of the confusion occurs because security
After writing about a lot of new security features that were added since we published our "First Look at SQL Server 2005 book" its nice
This one's been around for a while, but don't think we'd mentioned it in the book. In addition to Windows logins and SQL logins, you
You’ve probably heard by now of the usage of the EXECUTE AS clause with procedural code. As in “CREATE PROCEDURE foo WITH EXECUTE AS OWNER”.
One of the things folks would always ask during the Ascend program was "anything new for application roles? do they support connection pooling yet?". Well,
In July 2004, encryption built-ins and key management had just been introduced in SQL Server 2005. Now its old news. They'll be a good-sized section
While working on the new edition of our book for after RTM, I've been looking around for security features that I missed or that didn't exist
I'm known for my vivid imagination when making up test/exposition examples. I have a cat named Sam. So, once upon a time, I wrote: CREATE
After writing a blog entry on "How DO you change your SQL Login Password" and complaining that "neither" SSMS nor SQLCMD allows you to change
SQL Server 2005 will, by default on Windows Server 2003 systems, enforce password policies for SQL Server logins as well as Windows logins. Nice feature,
Speaking of SQL Profiler brought this to mind. The number one feature that brings a smile to every DBA's face: GRANT ALTER TRACE TO [somedev] No
A new feature of SQL Server 2005 that has been fairly well publicized is the ability, on Windows 2003 operating systems, to enforce password stregth,
I've been lying pretty low lately, doing research on some topics in a slightly different space (but at least obliquely SQL Server 2005 related). Came
Now, back to our regularly scheduled technical content. About schemas, users, and owners. Although Ed originally created the table, since Fred is the schema owner,
The code for the answer is below. Greg Low is, of course, correct. Fred owns the table, but he owns it by virtue of being
People always ask…if ownership chains work the way they do, why do they not work with dynamic SQL? And how about .NET procedures and ownership
Separation of users and schemas is another cool SQL Server 2005 feature, but it has some interesting behaviors that folks may have to get used
A few weeks ago, I was surprised by an error message when attempting to create an HTTP endpoint with CREATE ENDPOINT. The error was "You
With training and consulting from SQLskills, you’ll be able to solve big problems, elevate your team’s capacity, and take control of your data career.