Category Archives: Security

A list of blogs focusing on security concepts in SQL and Azure

Masking Data prior to SQL 2016

By | November 1, 2020

I was recently asked by a friend of mine what would be the best way to mask data in SQL Server. Now you may be aware that dynamic data masking was introduced in Microsoft SQL server version 2016. However for older versions of SQL server there are primarily just a few variations of same approach… Read More »

Securing SQL Server – Dynamic Data Masking

By | September 22, 2020

In this video we cover the feature Dynamic Data Masking. While technically a security feature DDM can be easily bypassed and therefore is often used in conjunction with other features like encryption. It adds a layer of masking on the final output and as such can be bypassed easily by rewriting the query as demonstrated… Read More »

Microsoft SQL Server Security: – Defense in Depth Series

By | September 8, 2020

In this series we cover all the different ways you can protect your Microsoft SQL Server database from attacks. We cover the methodology being used to secure databases. When and how to use them and certain pitfalls. https://www.youtube.com/watch?v=aITXHwWHXJw&feature=youtu.be The series covers the following concepts Principle of least privilegesDynamic Data MaskingRow Level SecurityAlways EncryptedTransparent Data EncryptionBackup… Read More »

Microsoft SQL Server Security: – Defense in Depth Series

By | September 8, 2020

In this series we cover all the different ways you can protect your Microsoft SQL Server database from attacks. We cover the methodology being used to secure databases. When and how to use them and certain pitfalls. https://www.youtube.com/watch?v=aITXHwWHXJw&feature=youtu.be The series covers the following concepts Principle of least privilegesDynamic Data MaskingRow Level SecurityAlways EncryptedTransparent Data EncryptionBackup… Read More »

What does a brute force attack look like?

By | May 13, 2020

Ever wondered if your server is being targeted for a brute force attack? What does it look like? How to prevent it? What is a brute force attack? A brute force attack is different from other attacks because it’s relying purely on a numbers game to gain access to the system. Unlike social engineering attacks… Read More »

SQL 2019 – Christmasql

By | December 4, 2019

Early November I had posted I would be conducting a series of sessions on MS SQL server. The response was really great and while I intended to do a classroom session the interest was primarily for online delivery. So I will be arranging the first half of it this in the coming 10 days. Here… Read More »

SQL 2019-Data Classification and Vulnerability assessment

By | November 5, 2019

  Data Classification With GDPR security has become a high priority for a large number of organizations the cost of not implementing robust security has been significantly increased and therefore companies that previously used to think security wasn’t a key part of their architecture now has to revisit that approach. But complying with GDPR and… Read More »

SQL 2019 – TDE SUSPEND RESUME

By | November 3, 2019

In this video we are going to talk about transparent data encryption. Transparent data encryption is a feature in SQL server that protects data at rest. Data at rest means your MDF and LDF files. These files reside on the hard disk and are easy prey to anyone with access the file system. By simply… Read More »