Basic Security Practices for the Well-Rounded DBA
SQL Server DBA Professionals

Too often security issues can be the Achilles’ heel of an otherwise well-rounded DBA. Even simple practices can be detrimental when overlooked. This presentation covers six security staples to help prevent points of vulnerability and costly liabilities.

Published in: Technology

Transcript of "Basic Security Practices for the Well-Rounded DBA"

  1. Basic Security Practices for the Well-Rounded DBA. SQL Server DBA Professionals
  2. Global Marketing | Understanding Query Execution Plans. It was a day like any other… Until a hacked system administrator password led to a system lockdown. It’s not an uncommon story. Since the server was online, six physical business locations were negatively affected while the IT team scrambled to right the ship.
  3. It was a day like any other… Too often security issues can be the Achilles’ heel of an otherwise well-rounded DBA. Even simple practices can be detrimental when overlooked.
  4. The basics
       1. As illustrated by the above anecdote, don’t give out your system administrator password.
       2. Another basic network security staple is choosing the right kind of authentication (Windows vs. SQL login).
            • Windows authentication is more highly recommended for an internal network.
            • A database logged into a local Windows machine can use Windows authentication, which will automatically enforce a certain level of good practice.
       3. Smartly using your system’s role-based access capabilities is another common-sense safeguard that is too often overlooked.
  5. Points of vulnerability
       4. SQL Injection Attack – When SQL syntax is being transferred between a web or Windows app and a database, a hacker can inject code into the app’s text box, manipulating the application to drop or delete needed tables.
            • This is one area where a bit of coding ability (and the willingness to proactively communicate with your developer) makes a more well-rounded DBA.
            • At the DBA level, you can set DDL (data definition language) triggers in the database so that when an injection attempts to create, drop or delete a table, the trigger prevents it.
            • Establishing stored procedures on your database—so that non-stored procedures are eliminated—is another safeguard against SQL injection.
  6. Points of vulnerability
       5. Backups are another area of vulnerability – What kind of encryption are you using for database backups, and are they protected with a keyword so that wayward backup files would be harder for a bad actor to decrypt and open?
            • Unforced errors are part of the database backup pitfall.
                 – Let’s say the database has been running great for the last few months, but an event dictates that you have to recover data.
                 – If you haven’t tested your backups to see if they were properly configured and now you have three months’ worth of broken or corrupted data, you have just “hacked” yourself.
  7. Points of vulnerability
       6. Not every threat is virtual – How many times have you seen a completely unlocked server room or unlocked server racks?
            • If that room is in your workplace, you know what to do, today.
                 – We have seen one company where that room was right behind the reception desk.
            • Absorbed by performance issues or the daily routine, some IT teams fail to imagine that somebody could walk right into one of their server rooms, unplug a box, and walk right out the front door.
  8. Costly liabilities. A lot of costly security liabilities can be avoided by adding just a few common-sense, basic practices to your DBA routine. So in the event that your database or equipment becomes a target, you don’t have to explain why you didn’t protect your company’s or client’s data from the most basic and obvious threats.
  9. Learn More. Click to view Dell’s webinar Building a Bulletproof Security Strategy for SQL Server, part of our expert series on protecting your SQL Server installation.
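The DBA-level safeguards from slide 5 (a DDL trigger plus stored-procedure-only access), sketched in T-SQL as an added example that is not part of the original slides. The names `ddl_block_log`, `trg_block_table_ddl`, `usp_GetCustomer`, `app_role` and the `dbo.Customers` table are hypothetical, and `dbo.Customers` is assumed to exist already.

```sql
-- Added example; every object name below is hypothetical.
-- Audit table for blocked DDL attempts (create it before the trigger exists).
CREATE TABLE dbo.ddl_block_log (
    logged_at   datetime2     NOT NULL DEFAULT SYSUTCDATETIME(),
    login_name  sysname       NOT NULL,
    event_type  nvarchar(64)  NOT NULL,
    object_name nvarchar(256) NULL,
    tsql_text   nvarchar(max) NULL
);
GO

CREATE TRIGGER trg_block_table_ddl
ON DATABASE
WITH EXECUTE AS 'dbo'   -- lets the trigger write the log for callers with no rights on it
FOR CREATE_TABLE, ALTER_TABLE, DROP_TABLE
AS
BEGIN
    SET NOCOUNT ON;
    DECLARE @e xml = EVENTDATA();

    -- Undo the DDL first: rows written after ROLLBACK are not rolled back with it.
    ROLLBACK;

    INSERT INTO dbo.ddl_block_log (login_name, event_type, object_name, tsql_text)
    VALUES (
        ORIGINAL_LOGIN(),   -- the login that connected, despite EXECUTE AS
        @e.value('(/EVENT_INSTANCE/EventType)[1]',  'nvarchar(64)'),
        @e.value('(/EVENT_INSTANCE/ObjectName)[1]', 'nvarchar(256)'),
        @e.value('(/EVENT_INSTANCE/TSQLCommand/CommandText)[1]', 'nvarchar(max)')
    );

    RAISERROR('Table DDL is blocked here; a DBA must disable trg_block_table_ddl first.', 16, 1);
END;
GO

-- Stored-procedure-only access: @CustomerId is bound as a typed value and is
-- never concatenated into SQL text, so text-box input cannot change the statement.
CREATE PROCEDURE dbo.usp_GetCustomer @CustomerId int
AS
    SELECT CustomerId, Name FROM dbo.Customers WHERE CustomerId = @CustomerId;
GO

-- The application's role may run the procedure and nothing else.
CREATE ROLE app_role;
GRANT EXECUTE ON dbo.usp_GetCustomer TO app_role;
```

A DDL trigger does not fire for `DELETE` or `TRUNCATE TABLE`, so those are contained by withholding table permissions from the application role, not by the trigger. For planned schema changes, run `DISABLE TRIGGER trg_block_table_ddl ON DATABASE;` and re-enable it afterwards.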
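The backup questions from slide 6 (is the backup encrypted, and has a restore actually been tested), sketched in T-SQL as an added example that is not part of the original slides. It assumes SQL Server 2014 or later for native backup encryption; the database `SalesDb`, certificate `BackupCert`, file paths and logical file names are hypothetical.

```sql
-- Added example; database, certificate, paths and logical file names are hypothetical.
USE master;
GO
-- One-time setup of the key material that protects backups. Back up the certificate
-- and its private key to separate storage: without them the backup cannot be restored.
CREATE MASTER KEY ENCRYPTION BY PASSWORD = '<strong-password-placeholder>';
CREATE CERTIFICATE BackupCert WITH SUBJECT = 'Backup encryption certificate';
GO

-- Encrypted backup; CHECKSUM records page checksums that later checks can validate.
BACKUP DATABASE SalesDb
TO DISK = N'D:\Backup\SalesDb_full.bak'
WITH ENCRYPTION (ALGORITHM = AES_256, SERVER CERTIFICATE = BackupCert),
     CHECKSUM, COMPRESSION, INIT;
GO

-- Quick check: the backup set is complete, readable and its checksums are valid.
-- This does not prove that the database inside it is usable.
RESTORE VERIFYONLY
FROM DISK = N'D:\Backup\SalesDb_full.bak'
WITH CHECKSUM;
GO

-- Real test: restore under a scratch name and run a consistency check.
RESTORE DATABASE SalesDb_RestoreTest
FROM DISK = N'D:\Backup\SalesDb_full.bak'
WITH MOVE N'SalesDb'     TO N'D:\RestoreTest\SalesDb_test.mdf',
     MOVE N'SalesDb_log' TO N'D:\RestoreTest\SalesDb_test.ldf',
     CHECKSUM;
GO
DBCC CHECKDB (N'SalesDb_RestoreTest') WITH NO_INFOMSGS;
GO

-- Clean up the scratch copy once the check comes back clean.
DROP DATABASE SalesDb_RestoreTest;
GO
```

Scheduling the restore-and-check half as a recurring job is what catches the "three months of broken backups" case before a recovery is needed.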