Are you tempted to click on a shortened link in your Twitter feed or a discussion forum, but you are unsure of the trustworthiness of the person who posted it? Usually when that happens, I simply move on. I’ve got more important things to do anyway, so I might as well avoid landing on a…
Read On…
A few weeks ago, David K. Sutton posted his thoughts on passwords on this blog, and since I had coincidentally just finished trying to hack a password around that same time, I thought I might add and/or elaborate a little on what he said, and offer some real world context and numbers. WORKPLACE CRACK Someone…
Read On…
To stay on top of security you need to regularly review your server configurations. It’s helpful to build a checklist to be used as part of an internal security audit review. Below is just such a checklist, specifically tailored to audit a SQL 2008 Server running on Windows Server 2008. Most of what’s in this…
Read On…
As part of an internal security review, I put together the following best practices guideline to secure SQL servers. This is just an example, and is not meant to be a comprehensive list of SQL server security parameters. DATABASE CREATION AND CHANGES New databases must be requested using a SQL database request form with proper…
Read On…
A guide for LAN Administrators who want to secure their systems without a user revolt. GOLDEN RULE OF PASSWORD CREATION: length + the uniqueness of your brain More on that in a moment. But first, if only we could trust our fellow human beings, there would be no need to secure our sensitive data. No need…
Read On…
Are you unable to “Unblock” a file after copying it from a network location to a Windows 2012 server? When you right-click the file in Windows Explorer and choose properties, do you see this message? Security: This file came from another computer and might be blocked to help protect this computer. PROBLEM When you click…
Read On…
Change tracking, resource allocation and security auditing are three very important issues for any IT administrator, particularly DBAs (database administrators). One item that can easily be overlooked is at the point of database creation. Why is the database needed? Who is requesting it? Will the database be used for production or testing/development? What are the…
Read On…