When we are saving passwords in our systems everyone seems to be in agreement that the password should be encrypted if stored in a database for future retrieval and verification. Some are more careful and save it as a one way encryption so that if the user forgets their password it cannot be retrieved. The only thing the system will […]

Security breaches and systems failures seem to be events that we rapidly forget. In the last four months we have had a major credit card theft from a major department store and exposed a significant hole in OpenSSL that has been there for a very long time. Service providers have been quick to respond to these intrusions and possible open […]

The recent security hole found in OpenSSL has me thinking about security from a large perspective. I have been educated that the majority of times your system or system data are compromised occurs from an internal source; not from someone who has found an open door somewhere. So, I want to drop some random thoughts for consideration and see where […]

Have you ever found that someone had actually hacked into your company? I have. About ten years ago someone had broken into our data center through a security hole in SQL Server. It wasn’t through SQL Injection, but rather through a buffer overflow problem in the SQL code itself. What I remember the most was the impact of that occurrence. […]

You have probably already heard or read about the security hole in the OpenSSL library used by many operating systems and other products. The importance is huge, and a web site has been setup to disseminate information about it at http://heartbleed.com. Now that I have brought it to your attention I have been talking with colleagues about open solutions. Should […]

The Microsoft Remote Desktop Manager is one of the most published secrets I have finally come across. This is one of the most useful tools I have found in a long time, and it has been available for years. Perhaps you have already found it; but I have introduced it to a few people already the last couple of weeks […]

Bottom up database development can save a lot of time and resources compared to a Top Down scrub process. Let me explain what I mean because you are probably asking yourself what I’m talking about. By bottom up database development I mean that change begins in a development environment, and is pushed up to other environments in a re-producible manner. […]

Recently I have been digging into an open systems tool for managing database changes. The tool is called Fluent Migrator. It brings a lot of flexibility that may be of use to you in different scenarios. Fluent Migrator operates against many different data engines both SQL and NoSql. Because it uses a fluent syntax, it allows you to execute the […]

I’ wondering if the SQL Server engine plateaued? From SQL Server 4.21, the first version I started using on the Windows platform, up to SQL Server 2005, each release had significant enhancements in the data engine. My perception is that the data engine has been relegated to a lower priority since SQL Server 2005. Enhancements to the data engine have […]

Here are a couple tips for optimizing your use of the SQL Server Management Studio editor. I was prompted for this editorial by reading an article in SQL Server Magazine called, “Using the Alt Key for Editing” by Michael K. Campbell. In his article he demonstrated how you can select a column inside the SQL editor, and that any typing […]