Related Posts
  • Blog Post: Best Practices Analyzer for ISV SQL Servers to protect your company’s property

    The intellectual property (IP) or other valuable information may be stored on SQL Server in your ISV product. Its value is more than credit card records (credit cards can be cancelled if lost, IP can’t). It may be the equivalent of a state secret for your firm. Microsoft provides two versions of...
  • Blog Post: Adding failed SQL Server Logon Support to a PLM SQL Server

    In my prior post on securing PLM systems (Enovia and Windchill) I cited that SQL Server does not disable accounts after N failed attempts, allowing a malicious agent to do a brute force attack on a known account like “sa”. In many cases, just...
  • Blog Post: Temporal constraints on Login in SQL Server

    In my prior posts on applying PCIDSS standards to protect your company’s data I showed how a DDL trigger (FOR LOGON) may be used to enhance logon security. In this post I will look at using the same DDL trigger (FOR LOGON) with some additional tables...
  • Blog Post: Great SQL Server Whitepapers – all in one location

    Silvano Coriani has done a great job compiling the most relevant SQL Server whitepapers available on SQL CAT and Technet sites. These papers are categorized into the major categories of Performance and Tuning, High Availability and DR, Security, Manageability, Migrations and Upgrade and Business Intelligence...
  • Blog Post: How Important Is Your Data? (Mini-Lab Part 1/2)

    What would it mean to you and your business if a hacker or a competitor had access to your database? What would happen if data like personal customer information, Human Resources data, sales details, product lists and prices got in the wrong hands? What about banking information...
  • Blog Post: Adding enhanced password constraints to SQL Server

    In my prior posts on applying PCIDSS standards to protect your company’s data I showed how a DDL trigger (FOR LOGON) may be used to enhance logon security. In this post I will look at a different pattern to improve password constraints. In this...
  • Blog Post: SQL Server Security – Additional Resources

    The intellectual property (IP) stored on SQL Server in your PLM may be your firm’s greatest asset. Its value is more than credit card records (credit cards can be cancelled if lost, IP can’t). It is equivalent to a state secret for your firm. The logical solution...
  • Blog Post: Best Practices Analyzer Exceptions expected for Dassault Systèmes ENOVIA

    If you run the SQL Server 2005/2008R2 Best Practices Analyzer (see my prior post) on Dassault Systèmes ENOVIA or SmarTeam, the BPA report might show the exception shown below. Do not correct it – this is by design and you should click [Exclude this Result]. For any other exception...
  • Blog Post: Best Practices Analyzer Exceptions expected for PTC’s Windchill

    If you run the SQL Server 2005/2008R2 Best Practices Analyzer (see my prior post) on a PTC Windchill installation, the BPA report might show the exception shown below. Do not correct it – this is by design and you should click [Exclude this Result]. For any other exception, correct it...
  • Blog Post: Improving SQL Server Security to PCIDSS Standards

    Author: This article is written by our contributing author Ken Lassesen. His bio can be found here. I am a standards-based person and prefer to adopt existing best practices. When I work in the roles of Product...
  • Blog Post: Expiring sessions after 15 minutes on SQL Server

    In my prior posts on applying PCIDSS standards to protect your company’s data I showed how a DDL trigger (FOR LOGON) may be used to enhance logon security. In this post, I will look at a solution that works by executing a stored procedure every few...
  • Blog Post: How Important Is Your Data? (Mini-Lab Part 2/2)

    In Part 1 of this 2 part Mini-Lab series we looked at setting up TDE (Transparent Data Encryption) for a database and backing it up. In Part 2 we're going to discuss restoring a database (that has TDE enabled) to a different instance as well as disabling and removing TDE if...