SQL Server Security Retrofit

Featured Article(s)
Elemental MDX: Members, and an Introduction to Member Functions, Pt. 2
Part 2: BI Architect Bill Pearson continues his Elemental MDX Series with an introduction to the ”members” concept in MDX, before exploring the .Members function. Next, he introduces member “family” functions, beginning the exploration of this general group of MDX functions with the .Parent, .Children and Ancestor() functions.

SQL Server Security Retrofit
I have been working with a friend on going back through SQL Server and applying better security. Their environment includes some third-party applications mixed in with applications that are built and supported in-house. I’ve been struck (again) by the "locked down" nature of the third-party applications, and the assumptions made by some developers about the control they wield over login information within applications.

It seems like so many third-party applications still embed the user name and password information in their tools. Sure, they let you provide the user name and password that you want them to use to go after your user databases, but usually these applications have their own databases for stats and such – and that information is either assumed, hard-coded or just plain difficult to update post-installation. In some cases we’ve had to update registry settings, which gets me wondering why, if I have to have access to the registry, why the vendor would assume I wouldn’t be the one legitimately updating the user name and password using the application? That’s the logic I’ve been told – that they don’t want to provide that native functionality because they’re afraid the wrong people would use it. But… hey, update that registry. No prob.

The internal developers have been challenging, but only in that they develop for the assumption that they’ll always be around to do the quick update to have the system to correctly to the database. Of course this breaks all sorts of compliance rules (now they have the login information for the db) and they become a single point of failure if something changes (password expiration for example).

I’m just surprised – what experiences have you had with SQL Server Security Retrofits? Drop me a note, let me know…

Featured Script
dba3_TriggerToFireUserProcedure_demo
see: http://bitonthewire.wpengine.com/forum/ShowPost.aspx?PostID=2981 … (read more)

SQL Server Security Retrofit

Recent Posts

Debugging Multi-Cloud Performance

Mixing Flavors of SQL Server

July Spotlight – Db2 LUW: Types of I/O

Part II: Overview of B- Tree and B+ Tree

Is it undermining or rude to email the boss to ask him to get his act together?

Debugging Multi-Cloud Performance

Mixing Flavors of SQL Server

July Spotlight – Db2 LUW: Types of I/O

Part II: Overview of B- Tree and B+ Tree

Is it undermining or rude to email the boss to ask him to get his act together?

Getting Started With Deep Learning in Your Browser Using TensorFlow.js

SQL Server Collation Overview and Examples

MySQL Escaping on the Client-Side With Go

VS Code Gets New Python Language Server, Named After Monty Python Character

How Hello World! changed – top level statements and functions (C# 9)

SSWUG.ORG