Editorials

Surprising SQL Server Security Setup Gotcha…
I was working with a client the other day and we were trying to work through how someone had casually gained access to information on the system. They didn’t seem to have rights on the server to do what they had done, but yet clearly they’d obtained access to the data.

We worked through the logs, looked through the various things you’d expect – from logins, to the applications, etc. It just wasn’t clear what had happened.

We found out that what they had done is to get on the server (they had server-level access), copy the database backup files to another (development) server, restore them, then voila! Access to the data.

It was an overlooked step in setup and configuration – that of locking down the directories used by SQL Server, and in particular backups in this case.

So, long story short – make sure you’re doing a few different things.

– Consider locking down directory access for your data files, backups, etc. Test different configurations.
– Use secured (passworded, encrypted) backups to prevent access, even in cases where someone gains access to the physical files.
– Encrypt sensitive data.
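
As an added example (not from the original editorial) of the encrypted-backup point, assuming SQL Server 2014 or later on an edition that supports backup encryption: a certificate-encrypted backup that cannot be restored on another server unless the certificate and its private key are restored there first, followed by a query that lists recent backups written without a backup-encryption certificate. The database name `SalesDb`, the certificate name `BackupCert`, the file paths and the passwords are placeholders.

```sql
USE master;
GO
-- 1. Key hierarchy that protects the backup certificate.
--    Skip this statement if master already has a database master key.
CREATE MASTER KEY ENCRYPTION BY PASSWORD = '<strong-password-from-your-vault>';
GO
CREATE CERTIFICATE BackupCert
    WITH SUBJECT = 'Backup encryption certificate';
GO

-- 2. Export the certificate and private key and store them away from the
--    backup files. Without both, the encrypted backup cannot be restored.
BACKUP CERTIFICATE BackupCert
    TO FILE = 'D:\Keys\BackupCert.cer'
    WITH PRIVATE KEY (
        FILE = 'D:\Keys\BackupCert.pvk',
        ENCRYPTION BY PASSWORD = '<different-strong-password>');
GO

-- 3. Encrypted backup to a new file (encrypted backups cannot be appended
--    to an existing backup set). A copy of this .bak restored on a server
--    that lacks BackupCert fails instead of exposing the data.
BACKUP DATABASE SalesDb
    TO DISK = 'E:\Backups\SalesDb_encrypted.bak'
    WITH ENCRYPTION (ALGORITHM = AES_256, SERVER CERTIFICATE = BackupCert),
         CHECKSUM;
GO

-- 4. Audit: backups from the last 30 days with no encryptor recorded,
--    and where each file was written (the directories to lock down).
SELECT bs.database_name,
       bs.backup_finish_date,
       bs.user_name,
       bmf.physical_device_name
FROM msdb.dbo.backupset AS bs
JOIN msdb.dbo.backupmediafamily AS bmf
    ON bmf.media_set_id = bs.media_set_id
WHERE bs.encryptor_thumbprint IS NULL
  AND bs.backup_finish_date >= DATEADD(DAY, -30, GETDATE())
ORDER BY bs.backup_finish_date DESC;
```

The `physical_device_name` column in the audit output also tells you which directories hold unencrypted backup files and therefore need their access permissions reviewed first.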

It’s worth taking a few minutes to review setup and security settings…