As we ring in 2024, many are reflecting on the past year and making resolutions for the future. For businesses, one resolution should stand out: recommitting to data security. The late-2023 Xfinity breach, where 36 million customers had their personal information compromised, serves as a stark reminder of the ever-present threat of cyberattacks. What happened?…
Read more
Poorly secured SQL Server VMs in Microsoft Azure are being attacked. And they are being used as a beachhead for additional exploits. According to a recent Microsoft warning, these attacks allow the bad actors to gain access to cloud resources without having to compromise the underlying infrastructure. How the attack works In the warning, Microsoft…
Read more
We know better than to click a link from the son of an unfairly deposed Nigerian Prince who needs our help. Yet, according to Deloitte’s 2023 Global Risk Management Survey, 91% of all cyberattacks begin with a phishing email. And many of them are successful. No business or industry is off limits. So, it’s important…
Read more
SQL Server is being targeted again. This attack is called DB#JAMMER. And it’s targeting poorly secured SQL Servers. What’s happening? Attackers begin by brute-forcing access into poorly secured SQL Servers. Once they have gained access, the attackers use xp_cmdshell to deploy tools. They manipulate the firewall, if needed, and transfer files to and from the…
Read more
Phishing attacks account for more than 80% of all security incidents according to this CSO article Top cybersecurity facts, figures and statistics. And the resulting data breaches cost an average of $3.92 million. With security incidents and data breaches making the news daily, it’s important to secure your networks, including your SQL Servers. That’s not…
Read more
If a user is a member of db_datareader, which grants access to a table, and db_denydatareader, which denies access to a table, which role will take precedent? That’s the question someone on LinkedIn recently posted in the SQL Server Administrators group recently. Here’s a link to the question. The LinkedIn poster essentially wanted to know…
Read more
Backup and restore? Log shipping? Maybe Failover Clustered Instances or Availability Groups can be used? Oh, what about Azure or another cloud provider? Some data centers offer “push button DR,” will that work? There are so many options. Where should we start with Disaster Recovery for our SQL Server? The point of Disaster Recovery Disasters…
Read more
We’ve made it! The start of a new year. Now is a great time to reflect on what you’d like to accomplish over the next 12 months at work, and more specifically, what you would like to do with your SQL Server environment this year. To help with that, here are five activities or goals…
Read more
In SQL Server, when someone creates a database, they own it. That means they have elevated permissions on the database. The SQL Server database owner can change configuration parameters, perform maintenance, and grant permissions on the database to other users. The database owner can even drop the database altogether. In highly secure environments (and what…
Read more
Securing and protecting your SQL Servers from the ever present threats of data breaches, ransomware, and even accidental data losses due to errant code or faulty systems is crucial. It’s one of the core responsibilities of a DBA. It would be great if there was a one-size fits all approach to data protection – one…
Read more
Recent Comments