SQL Saturday #354 – Charleston, SC is almost here!

If you are relatively near to Charleston, SC, there’s a SQL Saturday there this weekend, December 13th!

SQL Saturday #354 – Charleston, SC

Looking at the speaker list, if you’re able to attend you’ll get top notch training for FREE! For instance, the SQL Server Legend, Kevin Kline, will be present to give a presentation and participate in a career panel. Whatever your focus is with SQL Server, there looks to be topics covering it.

If you’re looking for security, come early, as my talk is at 9 AM. If you can’t make it, I’ve already uploaded my presentations and scripts to the site.

 

Speaking at SQL Saturday #354 – Charleston, SC

If you’re looking to warm up for the winter, come on down to Charleston, SC, on December 13, 2014. Charleston will be hosting its second SQL Saturday. Why Charleston?

And, oh yeah, SQL Saturday! But outside of SQL Saturday, here’s a great link to see all the places to hit and see in Charleston.

As for me, I’ll be giving a security talk:

What You Absolutely Must Know about SQL Server Security

There are so many security tips out there for SQL Server. Almost all of them are rated as a best practice.What do you listen to? What do you focus on? In this session we’ll break down what you absolutely must know about securing SQL Server. We’ll look at the things to look for within SQL Server, including some of the nooks and crannies an attacker might use but what are rarely audited. You’ll leave with a checklist of what to investigate and a set of scripts to run on your own systems.

Speaking at SQL Saturday #233–Washington, DC

For those who will be at SQL Saturday #233 in Washington, DC, I’ll be giving my professional development talk, Being the Swiss Army Knife of DB Pros, at 9:45 AM.

My career is ever evolving and so is my talk. For instance, I have just returned to the role of an infrastructure and security architect, once again stepping away from being a full-time DBA.  This brings new relevance to some of the material in my presentation. So even if you’ve seen it before, I hope there will be something new for you.

If I were to sum up my talk with one quote, this one I found recently from Miyamoto Musashi’s The Book of Five Rings is appropriate:

“You should not have a favorite weapon. To become over-familiar with one weapon is as much a fault as not knowing it sufficiently well.”

I hope to see you in Washington, DC.

Is There Interest in SQL Server Security Pre-Cons?

I’m very passionate about security, especially database security. As the numbers with regards to data breaches continue to climb, this is become even more important to me. I’ve been affected personally by data breaches, as have many others. For instance, I’ve had to change out my credit cards due to payment processor breaches, I was affected by the South Carolina Department of Revenue breach, and I’m sure there are others, maybe ones that weren’t reported, that I was affected by as well.

I enjoy speaking on security, but a 45-75 minute session barely scratches the surface when it comes to any security topic. I’d love to spend more time covering more information, diving down into more details, etc., for those wanting to learn. The best way to do that is probably through a pre-con at a SQL Saturday.

I’ve given half day and full day sessions before, primarily to IT auditors, and I’m thinking the same sort of time length is appropriate to convey enough information to make it worth paying for. Here’s a sample agenda from one of my half day courses to give you an idea of what I’m thinking about (this is from a SQL 2000-2008R2 class):

  • Hour 1
    • General Security Principles We Follow
    • Hardening OS and SQL Server – Surface Area
    • Access SQL Server and its Databases
  • Hour 2
    • SQL Server’s Permission Model
    • Changes from SQL Server 2000 to 2005
  • Hour 3
    • Auditing using Triggers
    • Server Side Traces
    • Audit Object
  • Hour 4
    • Built-In Encryption Options

If you think you’d be interested in such a pre-con, especially if you’re a SQL Saturday organizer, comment on this post or, better, send me an email at brian {dot} kelley {at} sqlpass {dot} org (note the spelling on the last name as kelly will cause it to bounce).