Problems displaying this newsletter? View online.
Database Weekly
The Complete Weekly Roundup of SQL Server News
Hand-picked content to sharpen your professional edge
Editorial
 

Secure Enclave Concerns

We worry about security as data professionals. It's a constant issue, though it seems that so many of the data breach issues come from simple mistakes. We have lots of automation, configuration as code, and more. These days we should have a protocol and automated process for setting up systems, file shares, and other ways of allowing others to access data.

Awhile back we had attacks against hardware (Meltdown and Spectre), which required patches to systems to secure them. This was disruptive, but I haven't seen any widespread security issues as a result of these flaws. Many systems were patched, though it's entirely possible that there have been exploits.

In a report this week, researchers have found a way to read data in the secure enclaves of some chipsets. That's disconcerting because lots of secure software counts on the Intel Software Guard Extensions (SGX) protecting data. This is part of the Always Encrypted enhancements in SQL Server 2019, which I was happy to see added. These are supposed to help ensure you can protect data, even if you don't have control of the physical machine, which is common in hosted and cloud scenarios.

A new exploit could be a problem. Intel says it's not, but they have an interest in saying that. The research looks complicated, and I could certainly see this is hard to do, but attacking a large environment, like a cloud subscription, might be something hackers try. Even if they aren't successful, there may be performance issues with SGX calculations from a software patch.

The point of this piece isn't to alarm you. Likely this is more speculative than reality, but you should be aware there are potential issues. Encryption and security are complex topics, and I'm hoping Intel and Microsoft (and others) come up with better protections and mitigation for the issue. However, ultimately it's up to us tech professionals to understand what possibilities there are and ensure we are taking every precaution we can.

Steve Jones - SSC Editor

Join the debate, and respond to the editorial on the forums

 
The Weekly News
All the headlines and interesting SQL Server information that we've collected over the past week, and sometimes even a few repeats if we think they fit.
Vendors/3rd Party Products

New release: SQL Monitor 10

New release: SQL Monitor 10 SQL Monitor 10 has landed! You can now integrate SQL Monitor alerts with your ticket management system, so chosen alerts are automatically raised as tickets. New suppression options give you granular control over what alerts are raised during specific times, such as maintenance windows. And, you can now annotate the server activity graph with specific events, so you can measure their impact on your servers. Discover the new features

Enterprise Insights from the 2020 State of Database DevOps report

17% of Enterprise respondents in this year's State of Database DevOps survey reported that DevOps has been adopted across all projects in their organization. This year’s State of Database DevOps report gave us some great insights into the landscape of Database DevOps. Kendra Little walks us through those insights specific to Enterprise organizations.

Administration

Collation Conflict with Extended Events

The default collation for SQL Server is a pretty b...

SQL SERVER – Scheduler_ID with Large Number in dm_os_schedulers

The other day, I had a very interesting conversati...

Window Shopping the Query Store with XEvents

This article has just shared multiple tools to help you become more acquainted with the Query Store! This acquaintance is coming via an extremely powerful tool called Extended Events.... The...

SQL SERVER – Msg 17177 – This Instance of SQL Server Has Been Using a Process ID of %s since %s (local) %s (UTC)

In this blog today, I would share my understanding of the message “This instance of SQL Server has been using a process ID of" First appeared on SQL SERVER –...

Extended Events: system_health and a Long Running Query

Wouldn’t it be great to just quickly and easily ...

T-SQL Tuesday #124 Query Store and Spin Locks #tsql2sday

This month’s T-SQL Tuesday invitation comes from...

T-SQL Tuesday #124 – Monitoring Query Store’s Impact on Your System

This month’s T-SQL Tuesday blogging party is brought to you well by me and I wanted to talk more about Query Store.  I did write a book on it... The...

T-SQL Tuesday #124–Query Store in Action

Today is T-SQL Tuesday #124 and I’m dropping a q...

Query Store for Workload Replays

This month’s T-SQL Tuesday is hosted by Tracy Boggiano. Tracy invites us all to write about adopting Query Store. Today, I wanted to share my favorite but a very... The...

Azure DevOps

Adding a git commit hash and Azure DevOps Build Number and Build ID to an ASP.NET website

A few months back I moved my CI/CD (Continuous Integration/Continuous Development) to Azure DevOps for free. You get 1800 build minutes a month FREE and I'm not even close...

Azure SQL Database

SQL: Setting local date and time for a session in Azure SQL Database

Yesterday, I posted about how to get local date an...

Career Growth and Certifications

“Working” From Home? Watch A Bunch of Free SQL Server Videos on YouTube.

You’re new at this working from home thing, and you’re trying to put Game of Thrones up on a second monitor while you work? Listen, that’s not gonna play...

Telecommute Resources

This is a summary of potential resources for any t...

"What did it take to become a MVP?"

@william_a_dba what did it take to become a MVP??...

Two years of working remotely

I’ve been working remotely for just over 2 years...

Computing in the Cloud (Azure, Google, AWS)

How to Enable Security Defaults in Azure Active Directory

Microsoft is gradually introducing multifactor authentication (MFA) for all organizational accounts in Azure Active Directory. In this article, I look at the new Security Defaults setting and how to...

Cloud migration: 5 common traps and how to avoid them

For most organizations, migrating to the cloud happens in four broad phases. First, there’s the opportunistic phase: skunkworks projects and new systems start to use public cloud, with or...

Conferences, Classes, Events, and Webinars

Microsoft Moves Build to Virtual Event, Cancels In Person Show

Microsoft has announced that its developer confere...

Four Free ADF Webinars

I just finished removing the latest appointment to...

Database Reliability Engineer- The new DBA?

Join us on Tuesday March 31, 4-5pm BST / 10-11am Central for this live webinar: The role of the DBA is evolving, with automated builds, cloud and DevOps being the new A,B,C,Ds in the day to day management of databases, you need to up-skill and learn about Database Reliability Engineering.

DevOps insights from experts in Financial Services

On Thursday March 24, 3-4pm GMT / 10-11am Central join us live with Microsoft MVP Grant Fritchey as he discusses database DevOps in Financial Services with our panel of industry experts. They will explore the similarities and differences in their experiences of DevOps and how that looks for Financial Services in today’s landscape.

Data Privacy, Compliance, and GDPR

Creating a Competitive Advantage Through Data Privacy

Click to learn more about author Chris Mullaney. T...

Student privacy laws still apply if coronavirus just closed your school

FERPA is probably not in anyone's top 100 concerns right now, but it still exists.

Data Visualisation

Using data visualization to track the coronavirus outbreak

In the early days and weeks of any widespread global health concern, particularly in a fast-moving outbreak like the coronavirus, there are many unknowns. Data visualization can be a...

DevOps and Continuous Delivery (CI/CD)

Does DevOps deliver during a health crisis?

The world today is suffering from the advent of a new disease, COVID-19. Now, all is not doom and gloom, and there is absolutely no reason for any kind...

ETL/SSIS/Azure Data Factory/Biml

Updating Default SSIS Values in the SSIS Catalog

A couple friends recently contacted me trying to s...

Data Cleansing: Everything You Wanted to Know About It

Click to learn more about author Chirag Shivalker. Today there is harsh competition in the market for companies to grow and even to survive. Data is the most important...

Hardware

New Comet Lake Mobile CPU Spotted in Intel Documents: Core i7-10810U

Intel today published a new Product Change Notification today stating that it has started using an additional Assembly, Test, and Finish site to build its mobile Comet Lake CPUs. In...

Storage 101: Understanding the NAND Flash Solid State Drive

Today, most organization are using solid-state drives for everything from laptops to enterprise database storage and virtual machines. In this article, Robert Sheldon explains how NAND flash solid-state drives...

MDX/DAX

The COALESCE function in DAX

COALESCE is a DAX function introduced in March 2020. This article describes the purpose of COALESCE and how to simplify DAX expressions by removing verbose conditions, and yet obtain...

Microsoft News

Microsoft delivers emergency patch to fix wormable Windows 10 flaw

Attackers got a head start when critical SMBv3 fla...

Patch Tuesday – March 2020

The biggest Patch Tuesday in the company's history, this month Microsoft fixes 115 bugs. There's also a security advisory for a critical bug in SMBv3 and a patch for...

Microsoft—and Ars—advise split-tunnel VPNs to minimize coronavirus woes

Don't waste limited local bandwidth on VPNing remote users' Office365 traffic.

Performance Tuning SQL Server

Broken Filtered Indexes

Fix Your Indexes, Pal

Rewriting Multi Statement Table Valued Functions

Hey You Should Do This

How to Track Performance of Queries That Use RECOMPILE Hints

Say we have a stored procedure that has two queries in it – the second query uses a recompile hint, and you might recognize it from my parameter sniffing...

Things to Consider When SQL Server Asks for an Index

One of the things I love about SQL Server is that during query plan compilation, it takes a moment to consider whether an index would help the query you’re...

SQL SERVER – Reducing TempDB Recompilation with Fixed Plan

Let us talk about how we were able to reduce tempdb recompilation with Fixed Plan while working on Comprehensive Database Performance Health Check. First appeared on SQL SERVER – Reducing...

Angry Aggregates Part 3

3/3

PowerPivot/PowerQuery/PowerBI

How to Enrich Power BI with Pre-Built Sentiment Analysis Models

My colleague David Eldersveld recently wrote a blo...

Visualising Power BI Premium And Azure Analysis Services Query Parallelism

In my last post I showed how to connect SQL Server Profiler up to a Power BI Premium dataset but I didn’t give you any examples of why this...

Controlling Power BI drill down with a few tricks

Power BI drill down default behavior may not be wh...

Power BI Security

A common topic I have been discussing recently with customers is the security around Power BI. Basically, how to prevent users seeing data they shouldn’t. So I’ll discuss the... The...

Adding Semesters to a Calendar in Power BI

I have delivered Power BI training at a number of universities over the last 6 months, and a few of the participants asked me the same question.  “What is...

?? Let’s Talk Power BI Gateways

Join us live as we talk about Power BI gateways! T...

Configure Power BI Aggregations

Learn to configure your Power BI Aggregations tabl...

Product Reviews and Articles

Evaluating SQL Data Catalog using Docker Containers

Richard Macaskill shows how to use Docker Compose to get SQL Data Catalog up and running in a container, in your SQL Server test lab, and then use it...

Using SQL Monitor Groups in PowerShell

Not only are SQL Monitor Groups probably the neatest and most maintainable way of ensuring that all your SQL Servers have the best possible configuration of alerts, but they...

Product Upgrades and Releases

R 3.6.3 Now Available

David Smith takes a look at R 3.6.3: On February 29, R 3.6.3 was released and is now available for Windows, Linux and Mac systems. This update, codenamed “Holding…Continue readingR 3.6.3 Now Available

Security News and Issues

Intel SGX is vulnerable to an unfixable flaw that can steal crypto keys and more

Just when you thought it was secure again, Intel's digital vault falls to a new attack.

LA Covers Up Bad Cybersecurity

This is bad in several dimensions. The Los Angeles Department of Water and Power has been accused of deliberately keeping widespread gaps in its cybersecurity a secret from regulators...

T-SQL

Modernizing Your T-SQL: The Sequence Object

This is one of several posts on modernizing T-SQL code with new features and functionality available in SQL Server.

SDU Tools: Calculate day number in a month in SQL Server T-SQL

I often need to calculate a day number in a month. For example, I need to work out the 3rd Tuesday of a month, or the 4th Friday, and...

SDU Tools: List of countries in a SQL Server T-SQL view

I regularly need a list of countries in drop-down lists, etc. To make that easy, in our free SDU Tools for developers and DBAs, we added a tool to...

NULL complexities – Part 4, Missing standard unique constraint

Continuing his treatment of NULLs in SQL Server, Itzik Ben-Gan covers how SQL Server's implementation of unique constraints differs from the standard, and how you can work around it. The...

The Lighter Side

1,200 uncomfortable miles in a gorgeous Acura NSX hybrid supercar

A trip from Ohio to Florida in the American-made supercar.

Space Center Houston now has a twice-flown Falcon 9 on display

We were there, and here’s a bunch of pictures from the ribbon cutting ceremony.

Virtualization and Containers/Kubernetes

Improved VMware vCenter Performance Metric Logging

By default, the vSphere vCenter deployment contain...

 
RSS FeedTwitter
This email has been sent to newsletter@newslettercollector.com. To be removed from this list, please click here. If you have any problems leaving the list, please contact the webmaster@sqlservercentral.com. This newsletter was sent to you because you signed up at SQLServerCentral.com. Note: This is not the SQLServerCentral.com daily newsletter list, and unsubscribing to this newsletter will not stop you receiving the SQL Server Central daily newsletters. If you want to be removed from that list, you can follow the instructions on the daily newsletter.
©2019 Redgate Software Ltd, Newnham House, Cambridge Business Park, Cambridge, CB4 0WZ, United Kingdom. All rights reserved.
webmaster@sqlservercentral.com

 

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -