Articles tagged

11 March 2014
11 March 2014

Private Cloud, What Is It and Why Do You Need It?

Even where organisations cannot make full use of public cloud for reasons of security or because of bandwidth limitations, many of the advantages of flexibility and rapid deployment can be made by providing a private cloud where the IT department manages the service but allows users to use the resources as their requirements change. Could Private Clouds provide a new paradigm for enterprises, irrespective of the public cloud?… Read more
22 July 2013
22 July 2013

Thoughts on ASP.NET MVC Authorization and Security

0
121
It is only a matter of time in developing most websites that you'll need to implement a way of restricting access to parts of the site. In MVC, the 'Authorize' attribute handles both authentication and authorization. In general, it works well, with the help of extension to handle AJAX calls elegantly, and to distinguish between unauthorized users and those who are not logged in.… Read more
02 July 2013
02 July 2013

Collecting the Information in the Default Trace

The default trace is still the best way of getting important information to provide a security audit of SQL Server, since it records such information as logins, changes to users and roles, changes in object permissions, error events and changes to both database settings and schemas. The only trouble is that the information is volatile. Feodor shows how to squirrel the information away to provide reports, check for unauthorised changes and provide forensic evidence.… Read more
22 March 2012
22 March 2012

Windows Azure from a Data Perspective

0
10
Before creating a data application in Windows Azure, it is important to make choices based on the type of data you have, as well as the security and the business requirements. There are a wide range of options, because Windows Azure has intrinsic data storage, completely separate from SQL Azure, that is highly available and replicated. Your data requirements are likely to dictate the type of data storage options you choose.… Read more

Database Management for SharePoint 2010

0
40
With each revision, SharePoint becomes more a SQL Server Database application, with everything that implies for planning and deployment. There are advantages to this: SharePoint can make use of mirroring, data-compression and remote BLOB storage. It can employ advanced tools such as data file compression, and object-level restore. DBAs can employ familiar techniques to speed SharePoint applications. Bert explains the way that SharePoint and SQL Server interact. … Read more
15 March 2011
15 March 2011

Game-over! Gaining Physical access to a computer

0
38
Security requires defense in depth. The cleverest intrusion detection system, combined with the best antivirus, won't help you if a malicious person can gain physical access to your PC or server. A routine job, helping to remove a malware infection, brings it home to Wesley just how easy it is to get a command prompt with SYSTEM access on any PC, and inspires him to give a warning about the consequences.… Read more
14 March 2011
14 March 2011

The default trace in SQL Server – the power of performance and security auditing

Since the introduction of SQL Server 2005, there is a simple lightweight trace that is left running by default on every SQL Server. This provides some very valuable information for the DBA about the running server, but it isn't well-documented. Feodor reveals many of the secrets of this facility and shows how to get reports from it. … Read more
06 May 2010
06 May 2010

An Introduction to Information Rights Management in Exchange 2010

0
17
If you're a Systems Administrator concerned about information security, you could do worse than implementing Microsoft's Information Rights Management system; especially if you already have Active Directory Rights Management Services in place. Elie Bou Issa talks Hub Servers, Transport Protection Rules and Outlook integration in this excellent guide to getting started with IRM.… Read more
06 April 2010
06 April 2010

Getting Started with Active Directory Rights Management Services for Exchange 2010

0
39
With security concerns being a constant litany, it's worth considering Active Directory Rights Management Services as a powerful tool in your access-control arsenal, particularly when it integrates so neatly with Exchange 2010. Elie Bou Issa kindly takes us, step by step, through everything we need to know to install and start using this versatile technology like a pro.… Read more
16 February 2010
16 February 2010

Bruce Schneier: Geek of the Week

If one were to close one's eyes and imagine a BT Executive, one would never conjure up Bruce Schneier. He is one of the greatest experts in cryptography, and a well-known mathematician. He even got a brief mention in thebook 'The Da Vinci Code'. He also remains an outspoken and articulate critic of the way that security is actually implemented in applications, as Richard Morris found out when we dispatched him to interview him.… Read more