Ben Johnston 19 April 2024

Building a Culture of Data: The Technical Aspects

0

In the first part of this two-part series, I covered the mostly non-technical aspects of building a data culture. While the lion’s share of the work will be getting people to work together and embrace ever deeper use of data, as a reader of Simple-Talk, a lot of this transition will be technical. In this … Read more

0

Ben Johnston 04 April 2024

Building a Culture of Data

0

2

One of the major trends in enterprise computing, and really in enterprises themselves is an increased emphasis on data. My career has always revolved around data, but this is a new focus for many parts of the organization. Even business units that traditionally don’t care about data realize that access to more, and better, data … Read more

0

2

Ben Johnston 01 March 2024

Friendly Deletes in SQL Server

0

Blogs

One of the first things you learn when working with SQL Server, and other transactional based SQL systems, is that set based operations perform best. If you are querying data, a cursor pulling individual rows doesn’t perform as well as a single query. It doesn’t matter if that cursor is on the client side or … Read more

0

Blogs

Ben Johnston 01 February 2024

Feature Flags in Data Projects

0

1

Blogs

My motivation for writing this summary was an interaction with a project owner that didn’t understand why we couldn’t use feature flags directly in Power BI to control the user interface. This was different from our other deployments, so it took a few rounds of explanations to convince them that our use case didn’t support … Read more

0

1

Blogs

Ben Johnston 31 December 2023

Warehouse Load Patterns – Part 2 – Load Patterns

0

3

Blogs

This continues and finishes my two-part series on warehouse load patterns. There are many methods to transfer rows between systems from a basic design perspective. This isn’t specific to any ETL tool but rather the basic patterns for moving data. The most difficult part in designing a pattern is efficiency. It has to be accurate … Read more

0

3

Blogs

Ben Johnston 26 November 2023

Warehouse Load Patterns – Part 1 – Requirements and General Patterns

0

5

Blogs

No matter the ETL tool used, there are some basic patterns to follow when transferring data between systems. There are many data tools and platforms, but the basic patterns remain the same. This focuses on SQL Server, but most of these methods work in any data platform. Even if you are using a virtualization layer, … Read more

0

5

Blogs

Ben Johnston 15 October 2023

SQL Server Security Primer

0

1

SQL Server security structure, mechanisms and methods are very thoroughly documented in the Microsoft documentation, but it is quite daunting if you don’t already know about the functionality. I recently had a request to explain some security features of SQL Server so that internal audits could be completed. While thinking about the request and preparing … Read more

0

1

Ben Johnston 03 October 2023

SQL Server Row Level Security Deep Dive. Part 6 – RLS Attack Mitigations

0

1

Blogs

As seen in the previous section, there are several ways bad actors can attempt to bypass RLS. Attacks range from removing RLS, getting data from other systems or straight brute-force methods using side-channel attacks. Mechanisms exist for each potential attack that allow you to avoid the attack or monitor for the attack when avoidance isn’t … Read more

0

1

Blogs

Ben Johnston 25 September 2023

SQL Server Row Level Security Deep Dive. Part 5 – RLS Attacks

0

1

Blogs

As mentioned in previous sections, RLS is an addition to security and should not be used as the primary method to limit access to data. It is a supplementary layer, useful in specific scenarios. There are also instances where RLS can be defeated by an unauthorized user. The attacks listed below are broken down into … Read more

0

1

Blogs

Ben Johnston 17 September 2023

SQL Server Row Level Security Deep Dive. Part 4 – Integration, Anti-patterns, and Alternatives

0

1

Blogs

One of the primary reasons to implement RLS is to facilitate reporting and ease the administrative burden. This section covers some considerations for using RLS with the primary Microsoft reporting engines and gives you an idea of things to look for in your reporting engine. Some anti patterns and alternatives to RLS are also examined. … Read more

0

1

Blogs

Ben Johnston 10 September 2023

SQL Server Row Level Security Deep Dive. Part 3 – Performance and Troubleshooting

0

3

Blogs

Previous sections gave a brief introduction to RLS, including some common use cases. They also showed how to implement RLS using a few different methods. This section focuses on performance and potential issues you may encounter. There are two main areas where RLS can impact performance. The first is the user or authentication lookup. Some … Read more

0

3

Blogs

Ben Johnston 03 September 2023

SQL Server Row Level Security Deep Dive. Part 2 – Setup and Examples

0

2

Blogs

The previous section in this series was an introduction to Row Level Security (RLS) and some use cases. This section focuses on basic setup of RLS, methods for implementing RLS and performance considerations with those implementations. The RLS access predicate is applied to every row returned to a client making performance a big factor in … Read more

0

2

Blogs

Ben Johnston 01 August 2023

SQL Server Row Level Security Deep Dive. Part 1 – Introduction and Use Cases

0

1

My initial goal of documenting and exploring SQL Server Row Level Security (RLS) was to show the basic functionality and focus on a few performance and administrative items. I also wanted to confirm my base assumption that it is very secure. This security makes it useful in many situations to segregate data by user groups, … Read more

0

1

Ben Johnston 30 July 2023

Unmasking SQL Server Dynamic Data Masking, Part 5, Mitigations and Summary

0

1

Blogs

This is the fifth and final part of this series on SQL Server Dynamic Data Masking. The first part in the series was a brief introduction to dynamic data masking, completing solutions, and use cases. The second part covered setting up masking and some examples. The third and fourth sections explored side channel attacks against … Read more

0

1

Blogs

Ben Johnston 27 June 2023

Unmasking SQL Server Dynamic Data Masking, Part 4, Unmasking Formatted and Unformatted Text

0

1

Blogs

Continuing from the previous entry in this series on security concerns with using Dynamic Data Masking, in this blog I want to close out that discussion showing how you can unmask different sort of data that has been dynamically masked, even if you don’t have access to unmasked data. Clearly this is NOT a suggestion … Read more

0

1

Blogs

Ben Johnston 14 June 2023

Unmasking SQL Server Dynamic Data Masking, Part 3, Security Concerns

0

1

Blogs

This is the third part of a series on SQL Server Dynamic Data Masking. The first part in the series was a brief introduction to dynamic data masking, completing solutions, and use cases. The second part covered setting up masking and some examples. This part starts exploring side channel attacks against dynamic data masking. This … Read more

0

1

Blogs

Ben Johnston 07 June 2023

Unmasking SQL Server Dynamic Data Masking – Part 2 – Setting up Masking

0

3

Blogs

This is the second part of a series on SQL Server Dynamic Data masking. The first part in the series was a brief introduction to dynamic data masking, including use cases. The focus of this blog will is setting up masking and some base examples. Configuring Masking Masking data is a straightforward process. Choose the … Read more

0

3

Blogs

Ben Johnston 26 May 2023

Unmasking SQL Server Dynamic Data Masking – Part 1 – Introduction

0

1

This is the beginning of a series on SQL Server Dynamic Data Masking. Dynamic Data Masking is a concept familiar with all developers and users of sensitive data. It is implemented in SQL Server with simplicity and elegance, requiring minimal changes to front end applications, including reporting, and almost no changes to queries. The series … Read more

0

1