Managing Orphaned Users in SQL Server with sp_FindOrphanedUser
Addressing orphaned users is an important piece of SQL Server security management. When left unchecked, you can accumulate an overwhelming number of users that exist in a database but do not have a correlating login in the master database, thus preventing access to the server or the database at all. There are dbatools PowerShell modules … Read more
Introducing sp_CheckBackup: Check Your SQL Server Backups for Recoverability Issues
Whether you are backing up your SQL Server databases with Ola Hallengren’s scripts, Maintenance Plans, or some third-party software, your backups are your lifeline for recovering your data in case of a disaster. So…are your databases recoverable? Do you know WHERE your most recent backups were written? Do you know WHEN they were written? Did … Read more
SQL Server Security: 3 Homework Assignments to Start Today
This post is part of our SQL Server security blog series, 30 SQL Server Security Checks in 30 Days. We’re publishing a new security check every day in the month of June. Visit our sp_CheckSecurity page to learn about our free SQL Server tool you can download and run to check your own server. Thanks … Read more
SQL Injection: Deconstructing an Attack
This post is part of our SQL Server security blog series, 30 SQL Server Security Checks in 30 Days. We’re publishing a new security check every day in the month of June. Visit our sp_CheckSecurity page to learn about our free SQL Server tool you can download and run to check your own server. As … Read more
Enhancing SQL Server Security: Reviewing and Optimizing Audits
This post is part of our SQL Server security blog series, 30 SQL Server Security Checks in 30 Days. We’re publishing a new security check every day in the month of June. Visit our sp_CheckSecurity page to learn about our free SQL Server tool you can download and run to check your own server. Audits … Read more
Your SQL Server Database Owner Might be Causing Privilege Escalation
This post is part of our SQL Server security blog series, 30 SQL Server Security Checks in 30 Days. We’re publishing a new security check every day in the month of June. Visit our sp_CheckSecurity page to learn about our free SQL Server tool you can download and run to check your own server. SQL … Read more
What the SQL Server TDE Certificate Expiration Date Does (and does not) Mean
This post is part of our SQL Server security blog series, 30 SQL Server Security Checks in 30 Days. We’re publishing a new security check every day in the month of June. Visit our sp_CheckSecurity page to learn about our free SQL Server tool you can download and run to check your own server. Transparent … Read more
The Real Danger Regarding the xp_cmdshell Setting
This post is part of our SQL Server security blog series, 30 SQL Server Security Checks in 30 Days. We’re publishing a new security check every day in the month of June. Visit our sp_CheckSecurity page to learn about our free SQL Server tool you can download and run to check your own server. When … Read more
Fixing SQL Server Vulnerabilities With GDRs
This post is part of our SQL Server security blog series, 30 SQL Server Security Checks in 30 Days. We’re publishing a new security check every day in the month of June. Visit our sp_CheckSecurity page to learn about our free SQL Server tool you can download and run to check your own server. For … Read more
The Case for Auditing Your SQL Server Login Failures
This post is part of our SQL Server security blog series, 30 SQL Server Security Checks in 30 Days. We’re publishing a new security check every day in the month of June. Visit our sp_CheckSecurity page to learn about our free SQL Server tool you can download and run to check your own server. Login … Read more
2 thoughts on “SQL Server Blog”