tailieunhanh - SQL Server Tacklebox- P35

SQL Server Tacklebox- P35: This book, as with almost all books, started out as an idea. I wanted to accumulate together those scripts and tools that I have built over the years so that DBAs could sort through them and perhaps adapt them for their own circumstances. | 7 Securing access to SQL Server financial or healthcare data. However without some investigation we may not be able to give you a granular description of the data or tell you exactly where it is stored social security numbers are stored in the SSN field on table X . More often than not the DBA unless specifically requested did not design the underlying database. What we do know is that there are many avenues leading to that data and that we have to defend every one of them it is a heavy burden to bear. This data nestles snuggly in the lower depths of indexes and tables all potentially brought to light by stored procedures written by developers and report writers that we have to trust to write code that will prevent SQL Injection attacks for example or to store passwords in encrypted form within the database. DBAs not only have to be concerned about who has access to what resources and how the primary topic of what I will cover in this chapter but also about the security of that data at rest and in transit. As we know and have covered previously data is migratory so the data that resides on a server you manage will not stay there for long. It will wind up in text files possibly on the laptop of a developer or log shipped to another location that you are also responsible for where security is just as important. As data guardian commonly now referred to as Data Steward you have to be familiar with all aspects of keeping that data safe from unapproved viewers. Knowing all of the residences even temporary of the data is vital it could be on a network on a tape on a physical disk in a report or accessible to users who are writing ad hoc queries. The introduction of Transparent Data Encryption TDE in SQL Server 2008 is a welcome feature for many DBAs who heretofore had relied on non-SQL native features to encrypt data and log files. Encrypting network packets is another concern for companies with sensitive data to protect. DBAs need to understand how to configure SQL .