Although the IT industry is usually blamed for security breaches in confidential databases, it is likely that it is usually the staff that operate the databases that are responsible. Should we be designing IT systems that log and report every access by the users? We sent our roving reporter, the steely-eyed Richard Morris, to find out. … Read more
Login Triggers were quietly introduced in SP2 to tighten up the security features of SQL Server to comply with the latest industry standards for security. But you can meet a lot of the security requirements even without them! … Read more
Much of the security of SQL Server is implemented as part of the database schema. This provides some bonus uses for SQL Compare. Andras, the architect of SQL Compare v 4, 5, and 6, tells how.… Read more
SQL Server Endpoints are database objects that define the ways and means that SQL Server 2005 communicates on the network. Any DBA working with SQL Server 2005 will soon need to become familiar with them, particularly if using SOAP, Service Broker or Database Mirroring.… Read more
Robyn Page and Phil Factor present practical T-SQL techniques for controlling access to sensitive information within the database, and preventing malicious SQL injection attacks.… Read more
If you've ever had brain meltdown trying to understand SQL Server users, roles, permissions, logins etc. then Robyn Page's security cribsheet might be just be your Panacea.… Read more
Jesse Liberty demonstrates a role-based security architecture for Windows Forms applications that will allow you to restrict access to any given control, on any form, so that it is either invisible or disabled, based on who is using the form.… Read more