What if I told you just using multi-factor authentication (MFA) wasn’t enough anymore? The Lapsus$ hacking group, who were at least partially made up of a group of teenagers in the UK, took a very targeted hacking approach. They used password stuffing to try to breach the password credentials of power users within organizations they […]
Tag: security
Fixing SQL Server Database Corruption (when you get lucky)
First things first–if you are reading this, and not regularly running consistency checks on your SQL Server databases, you should drop everything you are doing and go do that. What do I mean by regularly? In my opinion, based on years of experience, you should run DBCC CHECKDB at least as frequently as you take […]
Passing the AZ-500 Exam–How I Prepared
A few months ago, I was asked to do a webinar on security for Microsoft Teams. In preparing for that webcast, I noticed a number of security features that required either Azure Active Directory P2, or Office 365 M5. In order to get either of those two features for free, DCAC needed to gain the […]
Have You Patched For Spectre/Meltdown Yet? (And more on patches)
It’s security week here at DCAC (you can join us on Friday January 19th, 2018 at 2PM in a webcast to talk more about security) and I wanted to focus on patches. I wrote a couple of weeks ago about the impact of Spectre and Meltdown to SQL Server (and just about every other thing […]
Why Are You Still Running Your Own Email Server?
One of the things I tell customers when doing any sort of architectural consulting, is to identify their most important business systems. Invariably something that gets left off of that list is email. Your email is your most critical system. ERP may run your profit centers, but email keeps it moving. With that in mind, […]
Exporting Masked Data with Dynamic Data Masking
The SQL Herald | Databases et al… Dynamic Data Masking is a presentation layer that got added to Azure SQL DB and SQL Server 2016. In a nutshell it prevents end users from seeing sensitive data, and lets administrators show some data (e.g. the last 4 digits of social security number) for verification purposes. I’m […]
Does In-Memory OLTP Work with Always Encrypted? (AKA That time Bob Ward asked us a question)
Last week was the PASS Summit, which is the biggest confab of SQL Server professionals on the planet (and educational as ever), Denny Cherry (b|t) and I ran into Bob Ward (b|t) of Microsoft and of 500 level internals presentations. And for the first time ever, Bob asked us a question about SQL Server—of course […]