Login from an Untrusted Domain – Back to Basics

Login failed. The login is from an untrusted domain and cannot be used with Windows authentication.

BIT9 PathNames

We live in a day and age when security (data, network, server, etc) is seemingly at the forefront of the daily news.

SQL Server Principals – Back to Basics

A fundamental component of SQL Server is the security layer. A principle player in security in SQL Server comes via principals.

Security as a Fleeting Thought

Today we have another installment in what is known as TSQL Tuesday.  This month we have an invitation and topic given to us by the infamous Kenneth Fisher ( blog | twitter). Today, the invitation […]

T-SQL Tuesday #58 – Security Phrases

Today is once again TSQL Tuesday.  This month the event and topic are being hosted by Sebastian Meine (blog | twitter).  You can read all about the topic this month on his blog inviting all […]

Slammer, Alive…Barely

By now you must have heard of the SQL Slammer worm.  It was quite an infectious little nuisance.  The harm it caused came largely due to unpatched, unprotected SQL Servers.

A Trio of Functions

I found myself perusing an execution plan the other day.  I know, big surprise there.  This execution plan showed me some interesting things I had never really paid much attention to in the past.  When […]

Public Role and Security

A good rule of thumb with the public role is to leave it be.  Do not add permissions to this role.  Add permissions on a per database  and per group of users basis.  Create roles within the database and grant permissions to that role – in each database.  And remember the rule of least privilege – don’t grant more permissions to a user/role than necessary to perform the job function.  Just the same as in an airport – everybody has their role and it is strictly defined.  If the user need not have access – then don’t grant the permissions.

Stored Procedures – Common Security Practice

In SQL Server a good practice is to access the data via calls through stored procedure.  Have a look at the document available in that link. To further this practice, one may create a database […]

Column Level Permissions

Did you know that you can grant permissions down to the column level in SQL Server?   Well, if you didn’t know that – you do now. It is actually rather simple to grant permissions […]