Back in 2012, I was transitioning into the role of ‘Director of Data Services’, at the Fortune 500 insurance organization where I worked. It wasn’t that easy. Previously, as a DBA, I’d spent time developing my own database monitoring and documentation solutions. Now, I needed to alter my perspective to take in the broad landscape Read more
An attacker of SQL Server likes to be able to change the SQL Server configuration settings. In an ideal world, you will have left everything open for the intruder, but generally, every DBA reduces the surface of attack as much as possible. Why would the attacker want to change these settings? You might think there’s Read more
SQL Source Control (SoC) plugs directly into SQL Server Management Studio (SSMS) and is built with the singular purpose of providing an efficient interface between each developer’s local, working copy of the database, in SSMS, and the source control repository. It allows each developer to work freely, on their own sandbox database, committing tested changes Read more
This article is all about using a SQL Prompt snippet to create and run a test harness on a batch of SQL code, to provide performance data. Behind the scenes, the snippet creates and starts an Extended Events event session, inserts and runs the text of the batch of SQL you’ve selected in SSMS, and Read more
Even if all precautions have been taken to prevent SQL Injection attacks, as laid out in the OWASP website, it is still wise to be able to detect if an attempted attack is taking place, and it is essential to know if such an attack is successful. There are several strategies for detecting SQL Injection Read more
As SQL Server estates continue to grow quickly, and change in nature, due to the ease with which new cloud-based, containerized or virtual machine-based SQL Servers can be provisioned, so too the role of the monitoring tool changes. In organizations that need to monitor a large population of SQL Servers, many of which are highly Read more
For this demonstration, we will take AdventureWorks and produce a pseudonymized copy for development work. The aim is to surgically alter just the data that can identify individuals but leave everything else intact. I’ve shown how to do something similar before, for a subset of the data, in Pseudonymizing your data with SQL Data Generator. Read more
If your SQL Server runs out of disk space, and it is running a database for an enterprise’s trading application, then the company can’t take money until the DBA fixes the problem. Even the worry of that ever happening is enough to keep a DBA up at night. No wonder, then, that the recent State Read more
Avoid using the IsNumeric() function, because it can often lead to data type conversion errors, when importing data. SQL Prompt Code Analysis rules include an Execution rule, E1029, which will alert you to use of this function, in your T-SQL. If you’re working on SQL Server 2012 or later, it’s much better to use the Try_Convert()or Read more
It would be wrong to portray SQL Change Automation (SCA) as being suitable only for epic project deployments, of the sort described in my previous article. It can do smaller tasks as well. To demonstrate, I’ll show how you can use SCA to check that the source code builds a database, and to provide a Read more
Compliant Database DevOps
