SQLServerCentral - www.sqlservercentral.com

A community of more than 1,600,000 database professionals and growing

Featured Contents

The Voice of the DBA

Serious Hacking

This editorial was originally published on Oct 20, 2015. It is being re-run as Steve is out of town.

There's a piece that calls the US Office of Personal Management (OPM) data breach the biggest government hack ever. It might be, but give us a few months and I'm sure something will be bigger. After all, we constantly acquire more data, so the next breech is likely to contain more information. I'm also not sure most of us are actually getting much better at security.

There were a few notes about this that would apply to every company I've worked in. Such as the OPM not having a comprehensive list of devices and databases. I'm not sure any company does, and having worked with people that run SCOM-type systems, it's a hard problem to solve. This doesn't even cover the problems of Excel. Access, and soon, PowerBI data being scattered across systems.

However there was one problem I think we could fundamentally improve in most companies. The article noted that OPM didn't have control over how it's systems were configured, meaning an attacker could reconfigure things. Far, far too many companies allow a (too) large group of people to deploy changes to servers. Even when larger companies limit rights for developers, I've too often seen operations staff log in and allow developers to change systems to get them working.

As an industry, we really need to solidify and build better systems for ensuring the security of our hardware and software and preventing, or detecting, unauthorized changes. Certainly there will always be social engineering and other techniques that bypass security, but we should be able to prevent malicious changes to systems with solid architectures from our vendors/FOSS developers. We should also decide upon, and be sure, that our staff learn, understand, and follow, best practices.

Steve Jones from SQLServerCentral.com

Join the debate, and respond to today's editorial on the forums
ADVERTISEMENT
SQL Provision

SQL Provision: Create, protect, & manage SQL Server database copies for compliant DevOps

With SQL Provisions virtual cloning technology, databases can be created in seconds using just 1MB of storage, and sensitive data can be anonymized or replaced with realistic data to ensure it is protected as it moves between environments. Download your free trial

SQL Compare

The industry standard for comparing and deploying SQL Server database schemas

Trusted by 71% of Fortune 100 companies, SQL Compare is the fastest way to compare changes, and create and deploy error-free scripts in minutes. Plus you can easily find and fix errors caused by database differences. Download your free trial

Featured Contents
 

Guide to Quickly Creating an Azure Data Lake Storage

Ashish Mahajan from SQLServerCentral.com

Read a step by step guide to setting up an Azure Data Lake Storage account. More »
 

Shrinking SQL Server Backup Files and Speeding Up Backups

Additional Articles from Database Journal

With backup compression you can speed up our backups, while making your backups smaller. More »
 

Improve the Performance of Your Azure SQL Database (and Save Money!) with Automatic Tuning

Additional Articles from SimpleTalk

Organizations may have many concerns about performance when migrating databases to Azure. Fortunately, Microsoft provides some great tools to help improve performance and save money. In this article, Monica Rathbun explains how to take advantage of these features. More »
 

From the SQLServerCentral Blogs - Invoke-Sqlcmd is Now Available Cross-Platform in the SqlServer module

Aaron Nelson from SQLServerCentral Blogs

Invoke-Sqlcmd is Now Available for MacOS & Linux in the SqlServer module.  The module has been posted as v21.1.18095-preview which means... More »
 

From the SQLServerCentral Blogs - Time Zones and Daylight Saving Time

Bert Wagner from SQLServerCentral Blogs

Watch this week’s episode on YouTubeAT TIME ZONE is great because it makes it easy to perform daylight saving time and... More »

Question of the Day

Today's Question (by Steve Jones):

Which of these Microsoft IDEs has an integrated terminal built into the product that allows you to run command line executables from the tool?

Think you know the answer? Click here, and find out if you are right.

We keep track of your score to give you bragging rights against your peers.
This question is worth 1 point in this category: Tools.

We'd love to give you credit for your own question and answer.
To submit a QOTD, simply log in to the Contribution Center.

Yesterday's Question of the Day

Yesterday's Question (by Steve Jones):

I have installed the SQL Server 2017 database engine and the command line tools on my Ubuntu instance. I want to connect to my instance using sqlcmd, but I can't remember the parameters. How do I get a list of possible parameters from an SSH shell session?

Answer: Run "sqlcmd" with no parameters

Explanation:

On Windows you need to run "sqlcmd /?" or "sqlcmd -?". On Linux, just running "sqlcmd" will give you a list of parameters.

Ref: sqlcmd - click here

» Discuss this question and answer on the forums

Database Pros Who Need Your Help
Here's a few of the new posts today on the forums. To see more, visit the forums.

SQL Server 2017 : SQL Server 2017 - Administration

SQL server logs - I have a question about SQL server logs and SQL server error logs. What usually are logged, I can see...

Pitfalls of cross-database views? - Hi, I currently work for myself and provide IT services to a hedge fund with around ~30 traders and analysts who...

SQL Server 2017 : SQL Server 2017 - Development

SSMS Ctrl+U Shortcut - For as long as I can remember, Ctrl+U takes you to the list of databases on the server, allowing you...

SQL Server 2016 : SQL Server 2016 - Administration

SQL Account - Once the SQL Server gets built by someone, later i would like to get notified about new database creations(this would...

SQL Server 2016 : SQL Server 2016 - Development and T-SQL

Permissions for different AD Groups - HI, I'm building SQL Server instance for reporting purposes. My plan is to use AD groups for server and database logins....

How can I offload the compute of SUM operation ? - Hi, I have an interesting case. I have SQL resources governor configured with two different type of workloads : batch and users. Batch...

Subqueries examples - Someone new to SQL asked me to show him a dozen of subqueries samples for Northwind or AdventureWorks databases. Does...

SQL Server 2014 : Administration - SQL Server 2014

Mirroring - I have database mirroring configured from Server A(principal) to Server C(mirror). However, i am thinking to do another DB mirroring...

SQL Server 2014 : Development - SQL Server 2014

insert to .XLSX fails if len(column) > 255 - Error: ERROR MESSAGE:   String orbinary data would be trun

SQL Server 2012 : SQL 2012 - General

Varchar(Max) storage - Dear Experts, Have a confusion regards to the storage capacity of varchar(max). My question is , when 8000 bytes (the whole page)...

Clustering - I have N-Way clustering setup and i need to configure the DR solution for the database located in the SQL...

Can't connect to the reporting services from SSMS - Hi, I am working with SSRS. I do have admin rights. I can connect to the url https://localhost/Reports and can create...

SQL Server 2012 : SQL Server 2012 - T-SQL

Joining a result set to a base table - I have a weird one that is hard to explain. So I am looking for any Providers that are not listed...

trimming SSNs - I have thousands of social security numbers I need to trim to leave only the last 4 digits... it is...

SQL Server 2008 : SQL Server 2008 - General

Database suspect during backup but not actually in a suspect state - Hi folks, This morning I noticed one of my DIFF backups jobs failed.  (I'm using Ola's scripts)  Problem is when I...

Filtering by date crashes report\query - Hi, I have the following sql query SELECT DISTINCT                          scheme.ABC.users_text_field, scheme.efg.PAL_efg, scheme.efg.PAL_oqty, scheme.efg.PAL_product, scheme.efg.PAL_date, &nb

Delete duplicate rows from ANY table. - Is there is 'fairly' simple query to delete duplicate rows from ANY table ? A script which removes duplicates from a...

SQL Server 2008 : SQL Server Newbies

Sql Query to find invalid SSN Numbers - I would like to write a query that returns any Employees (id, ssn, and name) with an invalid SSN along...

SQL Server 2008 : SQL Server 2008 High Availability

Restore the .Trn files from the directory folder - Hello Experts ! with the help of below topic https://www.sqlservercentral.com/Forums/Topic1817731-3412-1.aspx I tired to some modification the below script which is posted having...

Programming : Powershell

skip function if completed successfully - I have a function where I'm executing in succession a list of sql queries\updates. The function has try\catch so if...
This email has been sent to newsletter@newslettercollector.com. To be removed from this list, please click here.
If you have any problems leaving the list, please contact the webmaster@sqlservercentral.com.
This newsletter was sent to you because you signed up at SQLServerCentral.com.
Feel free to forward this to any colleagues that you think might be interested.
If you have received this email from a colleague, you can register to receive it here.
This transmission is ©2018 Redgate Software Ltd, Newnham House, Cambridge Business Park, Cambridge, CB4 0WZ, United Kingdom. All rights reserved.
Contact: webmaster@sqlservercentral.com