See all products »
Curah! curation service
Microsoft Tech Companion App
Microsoft Technical Communities
Microsoft Virtual Academy
Server and Tools Blogs
TechNet Flash Newsletter
Cloud and Datacenter
Windows Server 2012 R2
System Center 2012 R2
Microsoft SQL Server 2012 SP1
Windows 8.1 Enterprise
See all trials »
Microsoft Download Center
TechNet Evaluation Center
Microsoft Virtual Academy
Free Windows Server 2012 courses
Free Windows 8 courses
SQL Server training
MCSA: Windows 8
Windows Server Certification (MCSE)
Private Cloud Certification (MCSE)
SQL Server Certification (MCSE)
Second shot for certification
Born To Learn blog
Find technical communities in your area
For small and midsize businesses
For IT professionals
For technical support
For home users
Microsoft Premier Online
Microsoft Fix It Center
Security Bulletins & Advisories
International support solutions
Log a support ticket
Not an IT pro?
Microsoft Customer Support
Microsoft Community Forums
Insufficient data from Andrew Fryer
The place where I page to when my brain is full up of stuff about the Microsoft platform
Application Lifecycle Management
Azure Machine Learning
Data Protection Manager
Essential Business Server
Full Text Search
Microsoft Security Essentials
Performance Point Server
Read Only Domain Controller
Remote Desktop Services
Slowly Changing Dimensions
Software + Services
SQL Server 2008
SQL Server 2008 R2
SQL Server 2012
SQL Server 2014
SQL Server Express
TechNet Road Show
Windows Phone 7
Windows Server 2008
Windows Server 2008 R2
Windows Server 2012
Windows Server 2012R2
Browse by Tags
Insufficient data from Andrew Fryer
Lab Ops – PowerShell 4 and PKI
In a Remote Desktop Services lab setup involving a gateway to allow connections to our virtual desktops over the internet we are going to need to use an SSL certificate to secure traffic between the remote devices and the gateway. Typically in the past we would have gone into a server running IIS and...
28 May 2014
Compliance in SQL Server
I often get asked about whether SQL server is compliant with some standard or other e.g. Sarbannes-Oxley (SOX) , Data Protection etc. The answer is yes, but there is no flip switch in SQL to turn any of these on , and as anyone knows who's tried it turning on c2 security is a great way of slowing...
11 Feb 2008
Desktop Security - one size doesn’t fit all
If you follow this blog you’ll realise that every couple of weeks I mention TechNet ON . This one stop portal changes its focus every couple of weeks and this time the focus is on desktop security. I am not going to try and rework any of the resources as they are all pretty obvious and well written...
14 Oct 2010
SQL Server Security
Security should be everyone’s business, but it’s often seen as someone else’s problem. When it comes to SQL Server there are at least three parts to the puzzle: The infrastructure guys will provide secure comms and accounts with which to access SQL Server. The developers be they in house...
12 Oct 2009
More secure is not totally secure
My good friend Steve the team spook, has written this post about SQL Servers track record on security compared with what many people perceive is the secure database of choice, Oracle. I can only speculate as to why this is the case as I am not an Oracle guru, but it may well be down to Microsoft’s trustworthy...
1 Aug 2008
Rename the SQL Server sa account
Another good thing that’s done at the SQL Server community evenings is a 5 minute slot where anyone can have a go at showing something interesting. Tony Rogerson got me to open the batting to encourage others to have a go. I am not sure who it was who came up next but it was a simple thing on renaming...
24 Nov 2008
SQL Server Advent Calendar 18 – Audit
Day 18 of my virtual advent calendar, about stuff I like in SQL Server 2008.. Rounding out ways of keeping an eye on what’s happening to your data in SQL Server 2008 is the new auditing feature in Enterprise edition. As the name suggest it’s there for a specific purpose, to make your compliance...
18 Dec 2008
Another Quiet Day for SQL Server DBA's
When was the last time you picked up a land line phone and there was no dial tone? BT are no doubt proud of this but it's not going to make them any headlines, it's much more entertaining and newsworthy to complain about our 3rd world broadband speeds. The SQL Server product guys are in the same invidious...
5 Nov 2007
IIS 7.5 and Windows Server Core
There is so much stuff on Windows7 & 2008 R2 features out there, but not so much on IIS 7.5. The other reason it slipped off my radar was that reporting services in SQL Server 2008 directly uses http.sys for its portal and there is no longer a need to install IIS at all. Anyway it’s now...
4 Nov 2009
Getting Safe OffLine by going green
Hopefully the Getting Safe OnLine message is getting out there and you are ensuring that all computers are properly protected both at work and at home. But what about security worries when you’re offline, we all get statements from banks and utilities like gas electricity plus council tax and these can...
17 Apr 2009
SQL Server 2008 Transparent Data Encryption and Replication
SQL Server 2008 will have a mechanism to encrypt the database at rest, with little overhead, and you can try this in CTP5. While it is on the instance where it was encrypted it can be accessed by any application with out modification. However if it is detached/attached or restored to another...
21 Dec 2007
Do You trust your DBA
I noticed a new tool appeared last week from Sentrigo that scrambles SQL Server passwords so that they cannot be seen in plain text by the DBA. This is to address a supposed vulnerability in SQL Server 2000/5 where by allowed memory dumps which exposed users passwords (BTW I am not doing a post...
22 Sep 2009
FileStream Data and Deletion
Deletion on computers is often a bit of a sham, as I found out when I got in at the ground floor of forensic computing a long long time ago. Back then file systems were very lazy so when you deleted something all that happened was the file system marked the blocks occupied by that file as being...
6 Apr 2009
SQL Server 2012 and the private cloud
Putting up a marketing slide that says SQL Server is a good private cloud citizen is good marketing, but what’s in the box to back the claim up? My top three would be: Windows Server core . Patching is a major maintenance problem with lots of virtual machines, and server core cuts that in half...
1 Nov 2011
Windows 7 DirectAccess my new best friend.
It’s tough trying to work from home with the feeble broadband speeds that exist in many parts of the UK. I get 0.5mbps when I am paying for 8 (which is still poor even allowing for how far I am form the exchange) and so I often have to travel just to download data or do live meetings. However I have...
22 Apr 2009
Careless Talk costs…
Online phishing scams are a bit passe these days, and organised crime is still keen on traditional methods for getting their hands on your identity and credit card details. This is simple economics (even criminals have to keep down overheads in a tough economy) , based on who is likely to...
29 Jun 2010
What is ADFS, and why you should care?
Active Directory Federated Services (ADFS) doesn’t sound like the most exciting topic for a post, but I am going to post on it anyway precisely because it is boring. First let me log in to windows with a Live ID.. You’ll notice I have used my Microsoft alias to sign in, and I haven’t entered my password...
9 Jun 2010
SQL Server Spruce up
Landrovers, will take a lot of pounding and neglect, but when my wife drove hers to Australia she made very sure it was properly set up for 2 years on the road Similarly SQL Server is also often out in the wild far from DBA’s and inspection from maintenance tools, like System Center . However now...
9 Aug 2013
Update Tuesday – good for your health
1st of April could well see the resurgence of the infamous Conflicker or downadup worm which some experts reckoned had infected over 3.5 million computers by January. This is because Conflicker will use a new algorithm to work out which domains to attack. Many of the problems that have been...
30 Mar 2009
Evaluate This–File Classification
In my last post & screen cast I showed how Dynamic Access Control (DAC) worked; the business of matching a users claims to the properties of a file (Resource Property in DAC), however the problem then becomes how do I correctly tag my files so that DAC works. You shouldn’t necessarily be doing...
19 Mar 2013
SQL Server 2008 Encryption Keys
Encryption, Keys and certificates etc. are complicated and confusing judging by the number of support calls coming in from DBA's. As I said in my last post , Transparent Data Encryption is there to stop someone walling off with your data. A database can be encrypted using a key which is stored...
24 Dec 2007
Fuel injection is generally considered to be a good thing for cars, while IT professionals consider SQL injection to be a bad thing. The technique does not exploit weaknesses in the the database , but how it and the relevant web server are configured. In the Microsoft world a lot of work...
1 Jul 2008
Microsoft Security Intelligence Report vol 6
Every 6 months Microsoft publishes a freely available Security Intelligence Report (SIR) , looking at what’s happening to threaten the security of our personal and corporate computing. Mostly it‘s written in English and if you can’t find the time to read it all I would at least recommend the summary...
9 Apr 2009
Internet Explorer 8 on Vista and Windows 7
Viral has just pinged me a write up of a hacking contest from the Washington Post (he is American after all) . The "Pwn2Own" contest at the CanSecWest security conference in Vancouver won by a 25 year German student called “Nils”. He won $15,000 for exposing a vulnerability in IE8 beta...
30 Mar 2009
Think U Know
Reading today’s Sun , you might well be worried if your kids are on FaceBook, but taking their laptop away is probably not going to be the correct response, as they’ll simply find another way to get online which is less under your control than what they are doing now e.g. using their phone, a mates laptop...
28 Oct 2009
© 2014 Microsoft Corporation.
Privacy & Cookies