When discussing SQL Server security, one of the most important terms is principal. Principals are SQL Server entities, arranged in a hierarchy, which can request specific SQL Server resources. There are various principals in SQL Server, and in this article, we’ll focus on a database user entity. Unlike SQL Server login entities, which are used for accessing a SQL Server instance (a server-level principal), a database user entity (a database-level principal) is used for defining access to a particular database that belongs to the SQL Server instance
February 3, 2014Auditing SELECT statements on SQL Server
Although SELECT statements are not destructive by nature, nor they can change either data or schema, there are several cases that require their auditing on SQL Server. Executed SELECT statements can indicate various current or potential issues, and this is the reason why it’s important to know who-saw-what and when
January 23, 2014HIPAA Compliance for SQL Server DBAs
Health Insurance Portability and Accountability Act (HIPAA) is a security act that sets standards for ensuring security, privacy, confidentiality, integrity, and availability of patient health information – electronic Protected Health Information (PHI).
January 16, 2014FERPA Compliance for SQL Server DBAs
The Family Educational Rights and Privacy Act (FERPA) [1] is a Federal law created to protect the privacy of student education records. It establishes the rights of parents and currently enrolled eligible students to review their education records, request changes of misleading or inaccurate data, and control the record disclosure
December 24, 2013Basel II Compliance for SQL Server DBAs
The Basel Capital Accord Basel II [1] is an improvement of recommendations for banking standards on international scale, based on three intertwined pillars, issued by the Basel Committee on Banking Supervision. It’s an extension the Basel I Accord [1], and it sets risk and management requirements while introducing a data management approach.
December 5, 2013GLBA Compliance for SQL Server DBAs
The Gramm – Leach – Bliley Act (GLBA) is a security and privacy regulations standard created with a purpose to protect consumer financial privacy. To meet GLBA compliance requirements customers must be informed by the financial organizations about the organization’s information privacy and sharing practices. The customers must be provided with explanations about their rights and unambiguous option to deny their financial information to be shared with any third parties.
December 4, 2013Auditing SQL Server data changes – the centralized solution
In the previous part of the Methods for auditing SQL Server data changes articles series, How to analyze and read SQL Server Audit information, we described several native SQL Server auditing features – Change Tracking, Change Data Capture and Audit. We described their unique and shared characteristics, how they store captured information, how to provide the information, and explained the advantages and disadvantages of each feature.
November 27, 2013How to analyze and read SQL Server Audit information
In the previous parts of the SQL Server auditing methods series, we described the SQL Server Audit feature, its characteristics, components, how to configure and use it
November 24, 2013PCI Compliance for SQL Server DBAs
The Payment Card Industry Data Security Standard (PCI DSS, or just PCI) is a security regulations standard related to payment cardholder and card payment information security. Any company or institution that uses and stores such information is obligated to comply with the PCI standard.
November 22, 2013How to set up and use SQL Server Audit
In the previous part of the SQL Server auditing methods series, SQL Server Audit feature – Introduction, we described main features of the SQL Server Auditfeature – its main characteristics, what events it can audit and where the audit information is stored. We also explained two levels of auditing – the database-level and server-level, and three components necessary for using the feature – the SQL Server audit object, database audit specification, and server audit specification
November 17, 2013SQL Server Audit feature – Introduction
In the previous parts of this series, we described two SQL Server auditing features – Change Tracking and Change Data Capture. We showed their characteristics, how to enable them, how to read the results, and listed their advantages and disadvantages
November 14, 2013How to analyze and read Change Data Capture (CDC) records
In the previous article, How to enable and use SQL Server Change Data Capture, we described the main features of SQL Server Change Data Capture and showed how to set it up. Now, we will analyze the records stored in change tables and describe the methods to read them
November 12, 2013Using SQL Server traces for SQL Server auditing – Part 3 – The out-of-the-box solution
In the previous part of the Using SQL Server traces for SQL Server auditing series, we described SQL Server traces technology, what it provides in terms of SQL Server auditing, and how it can be utilized via SQL Server Profiler and the native SQL Server fn_trace_gettable system function.
November 8, 2013Using SQL Server traces for SQL Server auditing – Part 2 – Querying a SQL Server trace
In the previous article we introduced and described the SQL Server traces technology, how it works and what it provides in terms of SQL Server auditing. In this article we’ll continue describing the default trace, and how it can be used with T-SQL, without SQL Profiler
November 8, 2013Using SQL Server traces for SQL Server auditing – Part 1 – The default trace
There are various scenarios that can cause problems with your SQL Server. These issues can come as a result of hardware/software performance issues, a physical failure of hardware components, and/or poorly written SQL queries among other things
November 8, 2013How to enable and use SQL Server Change Data Capture
In the previous article, SQL Server Change Data Capture (CDC) – Introduction, we described the main characteristics of the SQL Server feature for tracking data inserts, deletes and updates – Change Data Capture. We also compared it to another SQL Server auditing feature – SQL Server Change Tracking
November 4, 2013SQL Server Change Data Capture (CDC) – Introduction
In the previous part of this series, How to read SQL Server Change Tracking results, we described SQL Server Change Tracking – its features, how to use it, and how to read the results. We also showed examples of the captured records. If you need to know is whether the row has been changed or not, the type of the last change, and which column was changed, without the details (old and new values, who, and when) about the change, then SQL Server Change Tracking is not the right auditing solution for you
November 1, 2013How to read SQL Server Change Tracking results
As described in the previous article of this series, What is SQL Server Change Tracking and how to set it up, SQL Server Change Tracking shows only the primary key column value for the changed rows, and the type of change – INSERT, DELETE, or UPDATE. Here we will explain change tracking functions, show code examples and demonstrate how to read the Change Tracking results
October 28, 2013What is SQL Server Change Tracking and how to set it up?
SQL DBAs are sometimes confused by the differences in SQL Server Change Tracking and Change Data Capture features. Not only can their names be mixed up, but also feature specifications. The goal of this series is to present each of 3 SQL Server auditing features (Change Tracking, Change Data Capture and SQL Server Auditing) and ApexSQL Audit – a complete third-party solution. We will show their features, similarities, differences, advantages, and disadvantages in order to help users determine the right tool for their auditing requirements
October 23, 2013Using SQL Server database snapshots to protect yourself against accidental data modification
Introduction
How often have you wished you could just quickly undo a DML statement without having to go through the lengthy process of restoring your database backup?
October 22, 2013