Check our collection of high-quality articles, on a variety of SQL Server Security topics. The collection is being regularly updated with new articles.
Hi friends, in this article we’ll be discussing about SQL Server Always Encrypted, that is being an introduction along with providing a top 5 Questions and Answers. What is SQL Server Always Encrypted? Always Encrypted is a pivotal feature in Microsoft SQL Server, Azure SQL Database, and Azure SQL Managed Instance, offering robust data … Read more…
Hi friends! Today, we are happy to announce a new release of our security tool for SQL Server, that is DBA Security Advisor v2.3. What is DBA Security Advisor? DBA Security Advisor, is a security assessment tool for SQL Server. By using the tool, you can connect to one or more SQL Server instances, … Read more…
Check our Tip of the Week, where in this week, we discuss about SQL Server’s Surface Area. Tip of the Week #20 Surface Area is a term that is usually used to describe the surface area of attack in terms of computer security. In SQL Server, it refers to the number of SQL Server components … Read more…
In an older article, we have discussed about Transparent Data Encryption (TDE) in SQL Server. In this article, we will be answering different frequently asked questions about SQL Server TDE. What is SQL Server TDE? SQL Server TDE stands for Transparent Data Encryption and it is Microsoft’s technology, based on which SQL Server performs … Read more…
Check our Tip of the Week, about the SQL Server Always Encrypted feature! Tip of the Week #1 With Always Encrypted in SQL Server 2016 and later, you can protect sensitive data, by encrypting sensitive data on the application side, without revealing the encryption keys to the Database Engine. To this end, through a … Read more…
Hi folks. Because enabling an SSL certificate on a SQL Server Failover Cluster, thus enabling encryption for your data in-motion, is a little bit tricky, I decided to write this article in order to help you out a bit, since in the past, I encountered the same difficulties. So, please read on to learn more … Read more…
This article, suggests a way of resolving the below error message, when you are trying to access SQL Server using “Microsoft OLE DB Provider for SQL Server” and TLS 1.0: [DBNETLIB] [ConnectionOpen (SECDoClientHandshake()).] SSL Security Error Prior to start writing this article, I was thinking of using a title like “How to still use TLS … Read more…
Transparent Data Encryption known also known as TDE (learn more), encrypts SQL Server, Azure SQL Database and Azure SQL Data Warehouse data and log files on the OS-level. Moreover, a derived benefit is that also SQL Server-based backups of encrypted databases are also encrypted. This type of encryption can be characterized as encrypting data at … Read more…
If you worked -or still working- with SQL Server 2005 (or even earlier), you must have noticed that when you installed these SQL Server versions, the local Windows group “Built-In\Administrators” was automatically included in the SQL Server instance along with getting the role “SysAdmin” server role. This actually, when it comes to SQL Server security, … Read more…
Encrypting a SQL Server database backup is necessary in many cases, especially when the database has sensitive data. SQL Server provides an easy way to encrypt database backups. Let’s further examine this functionality with a step-by-step example. In this example, we are going to backup a SQL Server 2014 database, encrypt it, and then restore … Read more…
[Update: SQLArtBits is Now SQLNetHub!] You can find the latest version of DBA Security Advisor here. On April 5 2017, SQLArtBits releases DBA Security Advisor v2.0. This article gives a sneak peek of the upcoming new release of DBA Security Advisor v2.0. DBA Security Advisor is a powerful tool developed by SQLArtBits that allows Database Administrators (DBAs) … Read more…
Until recently, enabling the frequent password expiration option in SQL Server was included in many security best practices. However, recent studies, revised this recommendation and support that it should not be further included in SQL Server’s security best practices. However, if this is the case, how can this recommendation be replaced with new, modern best … Read more…
The “Public” Database Role in SQL Server is a special database role that is given by default to all logins. You cannot remove a login’s membership to this role because this behavior is built into SQL Server. What does the “Public” database role does in SQL Server? Should we make use of it or at … Read more…
This article, discusses about the necessity of securing your SQL Server instances and databases. Introduction Database Management Systems (DBMSs) store data. They sure have added functionality and a huge set of significant features but again, in the end of the day, they store data. Your data. This makes your DBMSs one of the most valuable … Read more…
Dynamic Data Masking in SQL Server or later, is another data protection feature originally shipped with SQL Server 2016. It limits sensitive data exposure by masking it to non-privileged users. The masking rules are applied in the query results and you designate how much of the sensitive data to reveal and to who. SQL … Read more…