Enabling Encrypted Connections with SQL Server Configuration

Hello Readers, Here is another post arriving from Norm Eberly.   My colleague Sean Gallardy and I were asked about the process for enabling encrypted connections for SQL Server as outlined here when using a Group Managed Service Account (gMSA). According to the reference, in order to install the certificate, you need to be running…

0

Transparent Data Encryption (TDE), Traceflag 5004, and interrupting encryption scanning

Hello Blogreaders, Here is another post from Grant Carter to help with your TDE efforts on large databases.   Have a read and consider.   Recently I was engaged with a customer who runs a system that is very visible and busy during the business day.  The customer wanted to enable TDE (Transparent Data Encryption), but…

0

PCI DSS 3.2 and SQL Server – By Grant Carter INTRODUCTION

Here is another suite of posts from Grant Carter.   Enjoy. The Payment Card Industry Data Security Standard (PCI DSS) was created to create and enforce data standards and processes for the secure processing of payment cards.  PCI DSS provides technical requirements for protecting data used in card payments.  PCI DSS 3.2 dated April 2016 is…

0

PCI DSS 32 and SQL Server – By Grant Carter Part 4: Additional Info

Terms Used in This Post ·        I/O – Input/Output ·        SHP – Shared Hosting Providers ·        ACL – Access Control List ·        MSP – Managed Service Provider ·        POS – Point Of Sale The first 3 parts of this series covered the base requirements associated with PCI DSS.  Part 4 covers the appendix requirements that…

0

PCI DSS 32 and SQL Server – By Grant Carter Part 3: Monitor, Test, and Maintain

Terms Used in This Post ·        I/O – Input/Output ·        MSP – Managed Service Provider ·        RCA – Root Cause Analysis Identify and authenticate access to system components User activity must be tracked and logged in an effort to prevent or reduce the risk of having PCI data compromised.  This section provides guidance about auditing,…

0

PCI DSS 32 and SQL Server – By Grant Carter Part 2: Antivirus and Coding

PCI DSS 3.2 and SQL Server  – Part 2 Terms Used in This Post I/O – Input/output SSAS – SQL Server Analysis Services SSRS – SQL Server Reporting Services Maintain a Vulnerability Management Program Requirement 5: Deploy antivirus software on all system commonly affected by malicious software Monitoring SQL Server for viruses is an action…

0

PCI DSS 32 and SQL Server – By Grant Carter Part 1: Networking and Data

PCI DSS 3.2 and SQL Server  – Part 1 Terms Used in This Post DMZ – Demilitarized zone often referred to as a perimeter network TLS – Transport Layer Security SSL – Secure Sockets Layer PAN – Primary Account Number PIN – Personal Identification Number EKM – Extensible Key Managment Build & Maintain Secure Networks…

0

SQL Server Support for PCI DSS 3.1

Here is another post from Grant Carter.   The Payment Card Industry Data Security Standard (PCI DSS) was created to describe and enforce data standards and processes for the secure processing of payment cards.  PCI DSS provides technical requirements for protecting data used in card payments.  PCI DSS 3.1 is the most recent revision of…

4

Restoring Through Transaction Log Errors

This post comes from a colleague of mine, Grant Carter.  Grant is a dedicated Premier Field Engineer for Microsoft.  He is based in Boise, Idaho and has been working with SQL Server since 2002.  His experience includes database administration, consulting, and support engineering.  Grant’s expertise is in performance tuning, high availability and disaster recovery, and replication.   By…

0