A recent discussion got me to thinking about Auditing. To be honest, it got started with a complaint about some documentation that seemed overly light about the various fields related to auditing as it stands […]
Do you know the last time a Server Property was changed on your instances of SQL Server? Are you wondering when the setting for max degree of parallelism was changed? Do you know who changed […]
A good rule of thumb with the public role is to leave it be. Do not add permissions to this role. Add permissions on a per database and per group of users basis. Create roles within the database and grant permissions to that role – in each database. And remember the rule of least privilege – don’t grant more permissions to a user/role than necessary to perform the job function. Just the same as in an airport – everybody has their role and it is strictly defined. If the user need not have access – then don’t grant the permissions.
In SQL Server a good practice is to access the data via calls through stored procedure. Have a look at the document available in that link. To further this practice, one may create a database […]
Did you know that you can grant permissions down to the column level in SQL Server? Well, if you didn’t know that – you do now. It is actually rather simple to grant permissions […]
This article demonstrates a script that will generate a nice html report of your database security suitable for the auditors.