Security #Datachat on Twitter Tonight

Tonight, at 9 PM Eastern, I’ll be participating in a #datachat on SQL Server security. It’s sponsored by Confio (now part of Solarwinds).

You can find more details about the #datachat here.

How can you participate? Simply open up a search for #datachat and participate in the community Q and A. The more, the merrier!

I hope to see you online.

Presenting on Top SQL Server Vulnerabilities

On February 19th, 2014, I’ll be giving a webinar from 3-4 PM Eastern on the Top SQL Server Vulnerabilities. You can register here for it.

It is being provided by and GreenSQL. Here’s what I’m covering:

Your goal is to have a secure SQL Server installation. However, you don’t have forever to get the job done. Nor do you have an infinite amount of time and resources to monitor the installation after it’s in production.

  • What are the biggest things to focus on?
  • What will be your most painful headaches going forward?
  • What should you be watching for to detect a potential compromise?

In this webinar, I’ll answer these questions so you can quickly and effectively configure and test your SQL Server for optimal security. We will also give you a glimpse into GreenSQL’s offerings to secure your SQL Servers. For those on a tight budget, scripts will be provided and free tools referenced.

#TSQL2sDay – Data marts across a shaky WAN link

It sounded good in principle, especially given the requirements and the limitations:

  • We needed our various sites to be able to access the data on their customers.
  • Our line-of-business application that would be installed on the workstations will use this data.
  • Our sites resembled a snowflake schema with respect to WAN connectivity (this was back in the day when frame relay was king).

The solution? The monthly warehouse of data would be pushed out as data marts during off hours to key sites. We’d use DTS (this was back in the SQL Server 7/2000) days to accomplish the push each month and everyone would be happy. What could possibly go wrong?

A lot, apparently:

  • The network provider had a negotiated maintenance window on the circuits from 12 AM until 6 AM every day.
  • The network provider frequently, and without warning, used the maintenance window.
  • DTS didn’t have the greatest of restart capabilities nor was it designed to handle outages in connectivity.
  • Some of the links to the key sites didn’t have sufficient bandwidth for a data mart push.
  • The key line-of-business application front-loaded a bunch of data, MBs of data, and the auxiliary links were even slower than the links to the main sites.

Needless to say, the solution didn’t work. In the end all the SQL Servers in the field were recalled, the data mart push was cancelled, and a remoting solution which required far less bandwidth was deployed to provide our users with the new line-of-business application. Access to customer data outside of the line-of-business application was also deployed via the same remoting solution.

Want to read more T-SQL Tuesday stories? Jason Brimhall is this month’s host.

Presenting on Security at Midlands PASS

On Thursday, February 13, 2014, I’ll be at Midlands PASS in Columbia, SC. We’ll be meeting from 5:30 PM to about 7:30 PM. I’ll once again be given an open ended SQL Server security talk. Here’s the description:

Midlands PASS Chapter’s annual SQL Server security refresher! This is an open-ended discussing hosted by SQL Server MVP and resident SQL Server security expert, Brian Kelley. Bring your scenarios and questions and we’ll work through the best ways to build security solutions for and using Microsoft SQL Server.

We meet at Microstaff IT in Cayce, SC. They are a great host and we enjoy the accommodations. If you’re in the area, please stop on by!

We do ask that you RSVP so we know how much food to bring.