SQL Server with Mr. Denny:

Database security

July 16, 2012  2:00 PM

Stop Using SQL Logins

Posted by: Denny Cherry
Database security, Security, SQL Server

Hey vendors, consultants, clients, etc. STOP USING SQL LOGINS.  Now if the SQL Server you are using isn't attached to a Windows domain then fine, odds are you'll need a SQL Authentication login.  However if the machine is a member of the Windows domain then login to SQL Server using Windows...

July 5, 2012  2:00 PM

Prepping the security for a data warehouse

Posted by: Denny Cherry
Active Directory, Database security, Permissions, SQL Server

So in an earlier blog post I talked about how I had to grant some users the ability to create indexes in a reporting server.  A couple of people have asked me how I created the domain...

June 19, 2012  2:00 PM

I’ll be at SQL PASS 2012, will you?

Posted by: Denny Cherry
AlwaysOn, Availability Groups, Data Security, Database security, In Person Events, SQL PASS, SQL PASS 2012, SQL Server

It appears that I've been selected to give a couple of presentations at the premier Microsoft SQL Server conference again this year.  At the 2012 SQL PASS Summit in Seattle, WA this year I'll be presenting a regular session titled "

April 26, 2012  2:00 PM

Securing SQL Server 2nd Edition Coming Soon

Posted by: Denny Cherry
Amazon, Database security, Securing SQL Server, SQL Injection, SQL Server, SQL Server 2012

In case you missed my announcement earlier this week over on SecuringSQLServer.com... I'm pleased to be able to announce that the

February 17, 2011  2:00 PM

For the love of god people, quit screwing around with the base permissions within SQL Server.

Posted by: Denny Cherry
Database security, SQL Server, SQL Server 2000, SQL Server 2005

I know that security people like to remove permissions from everything before certifying that a server is ready to go into production.  And like 10+ years ago that was something that you might have wanted to do (I'm just talking about SQL Server here).  However in today's world of SQL Server 2005...

February 1, 2011  6:19 PM

Save 50% on my book “Securing SQL Server” Feb 1, 2011 only.

Posted by: Denny Cherry
Book, Database security, Discount Code, Securing SQL Server, SQL Server

Syngress, my publisher, is doing a one day sale for my book Securing SQL Server.  If you order from them directly and use discount code 50170 you'll get 50% off the price, bringing the price down to just $24.98.  Just click through to the Syngress

January 18, 2011  2:00 PM

The SQL Rally (#sqlrally) voting as started, and I’ve got a session up for vote this week.

Posted by: Denny Cherry
Data Security, Database security, SQL PASS, SQL Server

The SQL PASS organization has taken a different approach to session selection for the SQL Rally than they normally do for the annual summit.  Instead of a full program committee which selects sessions then announces them, they are leaving the session selection up to the community via a vote. ...

August 6, 2009  11:02 AM

What do you mean I can’t access my own database when trying to attach it?

Posted by: Denny Cherry
Attaching Database, Database security, NTFS Permisions, SecurityFightClub, SQL Server

When you detach a database from Microsoft SQL (I'm talking SQL Server 2005 and up here) the SQL Server automatically changes the NTFS permissions on the file so that only the user who told the SQL Server to detach the file has access to them.  SQL Server does this to ensure that an unauthorized...

May 28, 2009  11:00 AM

What’s the difference between encrypted data and hashed data?

Posted by: Denny Cherry
Database, Database security, Encryption, Hashing, Security, SecurityFightClub

The biggest difference between encrypted data and hashed data is that encrypted data can be decrypted later.  Hash algorithms such as MD5 are one way hashing algorithms which means that the value that is returned can't be decrypted back to the original value. It is important to know the...

January 4, 2009  9:15 PM

JournalSpace.com Says the site was trashed by the IT guy

Posted by: Denny Cherry
Database security, Denis Gobo, JournalSpace.com

The owner of JournalSpace.com has posted an update to the site (screen shot for posterity) giving more information about what...

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: