The Inherent Insecurity of Data Science

Data Science attempts to derive meaning from data. There are a lot of techniques, processes and tools you can use to do that – I cover those in this blog site. But Data Science is insecure – by default. And that’s a real problem. In a solution involving a Relational Database Management System (RDBMS), you’ll…

DevOps for Windows Azure

“DevOps” (short for Developer Operations) is one of a group of new terms such as “Cloud”, “Big Data” and “Data Scientist” – words that are somewhere between marketing and tasks we’ve actually had around in other forms for years. However, working in a Distributed Environment (both on and off premises) like Windows Azure does bring a…

The Importance of Paranoia for the Technical Professional

I recently read a blog post from a technical professional whose account had been hacked (http://www.wired.com/gadgetlab/2012/08/apple-amazon-mat-honan-hacking/all/) – not because he used poor passwords or unsafe practices, but because the hackers used some social engineering to get around the safety he had put into place. While I won’t focus on the particulars of his situation, the interesting…

SQL Azure and Trust Services

Microsoft is working on a new Windows Azure service called “Trust Services”. Trust Services takes a certificate you upload and uses it to encrypt and decrypt sensitive data in the cloud. Of course, like any security service, there’s a bit more to it than that. I’ll give you a quick overview of how you can…

SQL Azure – Requiring Encrypt=True

(Many thanks to Peter Gvozdjak and Dan Benediktson here at Microsoft who worked with me on this issue and provided the bulk of information for this post.) Recently I had a customer inquire about some performance tuning he wanted to do for SQL Azure, and as part of that he found that it was possible…

Should All Data Be Encrypted By Default?

Recently several IT industry information outlets have reported that there has been a 10-year concentrated, organized effort on breaking through computer security at some of the largest companies in the world. Government sites have also been attacked in multiple countries. Add to this the regular loss of data by banking and other industries, and the…

Online Password Security Tactics

Recently two more large databases were attacked and compromised, one at the popular Gawker Media sites and the other at McDonald’s. Every time this kind of thing happens (which is FAR too often) it should remind the technical professional to ensure that they secure their systems correctly. If you write software that stores passwords, it…

Windows Azure Security Links

Research shows that companies that are considering a “cloud” platform have various concerns, and that security is at the top of that list. I’ve put together a list of the resources I use for explaining our security posture, and the steps that you need to take to be secure in Windows and SQL Azure. I’ll…

Schemas as Security Boundaries

There was a question yesterday on Twitter (hashtag #sqlhelp) wondering how to let developers create stored procedures and then grant the rights to those procedures to other people. I believe that question got answered, but it also brought up the subject of Schemas, which I’ve blogged about before. Schemas can act both as a container…

Don’t mess with the system databases in SQL Server, or Error: 916

Note: If you’re reading this more than a few months away from July of 2010, do more research. Never trust an old blog as gospel on anything, including my entries. Always refer to Books Online for the authoritative answer, and if it’s wrong, file a bug against it using the “Feedback” Button. It kinds…
