Learn, Grow, Adapt
07/10/15 sqlrelay.co.uk/ Nottingham
08/10/15 sqlrelay.co.uk/ Reading
12/10/15 sqlrelay.co.uk/ London
13/10/15 sqlrelay.co.uk/ Bristol
14/10/15 sqlrelay.co.uk/ Cardiff
15/10/15 sqlrelay.co.uk/ Birmingham
Awesome SQL Server conferences on your doorstep!
w: sqlrelay.co.uk
t: @sqlrelay_uk
SQL Security in the Clouds
Independent Consultant @ ShadowLand Consulting
http://koprowskit.eu/geek || http://itblogs.pl/notbeautifulanymore
about me
• independent consultant, security & licensing auditor
• Owner of ShadowLand Consulting
• Microsoft Certified Trainer
• SQL Server MVP (six… years in a row)
• MVP Mentor Program Member
• SharePoint Subject Matter Expert at CQURE
• active blogger, influencer, technical writer
• last 9 years living in Data Processing Center Jungle
• last 15 years working around banking and ICT
• Polish Information Technology Society Board Member
• Information Security Systems Association Board Member
1 | Security in a Nutshell
2 | SQL Server Security Best Practices
3 | SQL Server 2014 Security Enhancements
4 | SQL Server Security in The Cloud
Summary
Appendix
AGENDA
1 | Security In A Nutshell
Security? What is this?
• Security is the degree of resistance to, or protection from, harm. It applies to
any vulnerable and valuable asset, such as a person, dwelling, community,
nation, or organization.
• As noted by the Institute for Security and Open Methodologies (ISECOM) in the
OSSTMM 3 (Open Source Security Testing Methodology Manual), security
provides "a form of protection where a separation is created between the
assets and the threat." These separations are generically called "controls," and
sometimes include changes to the asset or the threat.
Categorizing Security - part 1 {IT REALM}
• Application security | http://bit.ly/18u8J6p
• Computing security | http://bit.ly/1ARdRLd
• Data security | http://bit.ly/185wfph
• Information security | http://bit.ly/1ARe0ya
• Network security | http://bit.ly/1C443R8
Categorizing Security - part 2 {PHYSICAL REALM}
• Airport security | http://bit.ly/1LPZcCZ
• Food security | http://bit.ly/1MYnii6
• Home security | http://bit.ly/1Gz3VI1
• Infrastructure security | http://bit.ly/1Bm8LIF
• Physical security | http://bit.ly/1Gz3VI1
• Port security | http://bit.ly/1ARewMH
• Supply chain security | http://bit.ly/1Ex7ob7
• School security | http://bit.ly/17Dl735
• Shopping center security | http://bit.ly/1EUb1FV
Categorizing Security - part 3 {POLITICAL REALM}
• Homeland security | http://bit.ly/1AAwZhE
• Human security | http://bit.ly/1DhojtU
• International security | http://bit.ly/1MYoyli
• National security | http://bit.ly/1FEnldu
• Public security | http://bit.ly/1wqpX9P
Categorizing Security - part 4 {SQL SERVER REALM}
• Application security
• Computing security
• Data security
• Information security
• Network security
• Home security
• Infrastructure security
• Physical security
• National security
• Public security
2 | SQL Server Security Best Practices
SQL Server Security Best Practices
• Efficiency and security have an inverse relationship to one another.
• You can have high efficiency or high security, but not both.
Example: a `Small Bank Company` tends to favor efficiency over security:
• Cost limitations. This is the first and obvious reason. Community banks are fighting a
constant battle to remain competitive. Implementing security in systems adds costs -
there is no way around it.
• Risk. It's not always a conscious decision for a bank to improve efficiency by sacrificing
security. Sometimes there's a lack of understanding of the risks associated with the
systems we deploy.
• Personnel limitations. The many-hats syndrome runs rampant in smaller community banks.
• Regulatory emphasis. The current regulatory environment stresses controls as they relate
to policy and procedures.
authentication
• SQL Server supports:
• Windows Authentication Mode which supports
• Kerberos
• NTLM (Windows NT Lan Manager)
• Mixed Mode Authentication which supports
• Windows Accounts
• SQL Server specific accounts
SECURITY
BEST
PRACTICES
Best Practice:
use Windows Authentication mode
unless a legacy application requires Mixed Mode Authentication for backward compatibility
secure sysadmin account
• the sysadmin account (sa) is the most vulnerable account when it is left unchanged
• potential SQL Server attackers and hackers are aware of this
SECURITY
BEST
PRACTICES
Best Practice:
change name of sysadmin account after installation
SSMS>Object Explorer>Logins>Rename (right click) / T-SQL
use complex password
SECURITY
BEST
PRACTICES
Best Practice:
ensure that complex passwords are used for sa and other SQL-Server-specific logins. Think about ENFORCE
EXPIRATION & MUST_CHANGE for any new SQL login
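The three practices above as T-SQL, added here as an example and not taken from the slides; the renamed login, the `app_reporting` login and the password value are placeholders:

```sql
-- Added example, not from the slides. Run as a sysadmin on the instance.
-- 1) Authentication mode: 1 = Windows Authentication only, 0 = Mixed Mode.
SELECT SERVERPROPERTY('IsIntegratedSecurityOnly') AS windows_auth_only;

-- 2) Rename and disable sa. The new name is a placeholder; the login keeps
--    SID 0x01, so an auditor can still find it after the rename.
ALTER LOGIN [sa] WITH NAME = [adm_renamed_placeholder];
ALTER LOGIN [adm_renamed_placeholder] DISABLE;

-- 3) Any SQL-specific login inherits the Windows password complexity policy,
--    expires, and must be changed at first use. MUST_CHANGE requires both
--    CHECK_POLICY and CHECK_EXPIRATION to be ON.
CREATE LOGIN [app_reporting]
    WITH PASSWORD = N'<strong-initial-password-placeholder>' MUST_CHANGE,
         CHECK_POLICY = ON,
         CHECK_EXPIRATION = ON,
         DEFAULT_DATABASE = [master];

-- Audit: SQL logins that bypass the policy or expiration, plus the state of
-- the built-in sa login (SID 0x01) regardless of its current name.
SELECT name, is_policy_checked, is_expiration_checked, is_disabled,
       LOGINPROPERTY(name, 'IsMustChange') AS must_change
FROM sys.sql_logins
WHERE sid = 0x01
   OR is_policy_checked = 0
   OR is_expiration_checked = 0
ORDER BY name;
```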
use specific logins
Best Practice:
use different accounts for different sql-server oriented services
Component | Windows Server 2008 | Windows 7 and Windows Server 2008 R2 and higher | Recommended account
Database Engine | NETWORK SERVICE | Virtual Account * | SQL_Engine
SQL Server Agent | NETWORK SERVICE | Virtual Account * | SQL_Agent
SSAS | NETWORK SERVICE | Virtual Account * | SQL_srvAS
SSIS | NETWORK SERVICE | Virtual Account * | SQL_srvIS
SSRS | NETWORK SERVICE | Virtual Account * | SQL_srvRS
SQL Server Distributed Replay Controller | NETWORK SERVICE | Virtual Account * | SQL_DRContro
SQL Server Distributed Replay Client | NETWORK SERVICE | Virtual Account * | SQL_DRReplay
FD Launcher (Full-text Search) | LOCAL SERVICE | Virtual Account | -
SQL Server Browser | LOCAL SERVICE | LOCAL SERVICE | -
SQL Server VSS Writer | LOCAL SYSTEM | LOCAL SYSTEM | -
SECURITY
BEST
PRACTICES
sysadmin membership
• members of the sysadmin fixed server role can do whatever they want on SQL
Server
• by default the sysadmin fixed server role has the CONTROL SERVER permission
granted explicitly
• do not explicitly grant CONTROL SERVER to Windows logins, Windows group
logins or SQL logins
SECURITY
BEST
PRACTICES
Best Practice:
carefully choose the membership of the sysadmin fixed server role
general administration
• everything (almost always) works under the sa account, especially with the CONTROL
SERVER permission
• institute dedicated Windows logins for DBAs, and assign these logins sysadmin
rights on SQL Server for administration purposes.
SECURITY
BEST
PRACTICES
Best Practice:
use built-in fixed server roles and database roles or
create your custom roles, then apply for specific logins
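An audit-and-apply script for the two slides above, added here as an example and not part of the deck; the `CONTOSO\` accounts and the `MonitoringReaders` role are placeholder names:

```sql
-- Added example, not from the slides. Names under CONTOSO\ are placeholders.
-- Who holds sysadmin today (SQL logins, Windows logins and Windows groups)?
SELECT m.name AS member_name, m.type_desc, m.is_disabled
FROM sys.server_role_members rm
JOIN sys.server_principals r ON r.principal_id = rm.role_principal_id
JOIN sys.server_principals m ON m.principal_id = rm.member_principal_id
WHERE r.name = N'sysadmin'
ORDER BY m.name;

-- Explicit CONTROL SERVER grants to logins or groups; the slides advise none.
-- type: S = SQL login, U = Windows login, G = Windows group.
SELECT p.name, p.type_desc, sp.state_desc
FROM sys.server_permissions sp
JOIN sys.server_principals p ON p.principal_id = sp.grantee_principal_id
WHERE sp.permission_name = N'CONTROL SERVER'
  AND p.type IN ('S', 'U', 'G');

-- Dedicated Windows group for DBAs, given sysadmin through role membership
-- (SQL Server 2012+ syntax) rather than through an explicit permission grant.
CREATE LOGIN [CONTOSO\SQL-DBA-Admins] FROM WINDOWS;
ALTER SERVER ROLE [sysadmin] ADD MEMBER [CONTOSO\SQL-DBA-Admins];

-- Custom server role for a monitoring account that only needs to read
-- server state, so it never has to be made sysadmin.
CREATE SERVER ROLE [MonitoringReaders];
GRANT VIEW SERVER STATE   TO [MonitoringReaders];
GRANT VIEW ANY DEFINITION TO [MonitoringReaders];
CREATE LOGIN [CONTOSO\svc-monitoring] FROM WINDOWS;
ALTER SERVER ROLE [MonitoringReaders] ADD MEMBER [CONTOSO\svc-monitoring];
```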
revoke guest access
• by default a guest account exists in every user and system database
• it is a potential security risk in a locked-down environment
• those accounts could be targets for attackers
• assign public server role membership if you need explicit access to user
databases
SECURITY
BEST
PRACTICES
Best Practice:
disable all guest user access in all user and system databases
(excluding the msdb database)
limit public permission
• SQL Server has many stored procedures, and many of them have public execute
permission:
• OLE AUTOMATION: sp_OACreate, sp_OAGetProperty, sp_OAStop,
sp_OAMethod, sp_OAGetErrorInfo, sp_OADestroy, sp_OASetProperty
• REGISTRY ACCESS: xp_regremovemultistring, xp_regaddmultistring,
xp_regread, xp_regdeletekey, xp_regdeletevalue, xp_regwrite
• OTHER ROUTINES: sp_sdidebug, xp_logevent, sp_sprintf, xp_dsninfo,
xp_msver, sp_sscanf, xp_stopmail, xp_grantlogin, xp_eventlog, xp_dirtree
SECURITY
BEST
PRACTICES
Best Practice:
revoke public role access for some extended procedures
and check other stored procedures
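One script that applies both the guest slide and the public-permission slide above, added here as an example and not part of the deck. It assumes a sysadmin session, a single batch (no GO), and covers only the procedures from the lists above that still exist in current versions:

```sql
-- Added example, not from the slides.
-- Part 1: revoke CONNECT from guest in every online user database. master and
-- tempdb do not allow it, and the slides keep guest in msdb.
DECLARE @sql nvarchar(max) = N'';

SELECT @sql += N'USE ' + QUOTENAME(name) + N';
IF EXISTS (SELECT 1
           FROM sys.database_permissions dp
           JOIN sys.database_principals pr ON pr.principal_id = dp.grantee_principal_id
           WHERE pr.name = N''guest'' AND dp.permission_name = N''CONNECT'' AND dp.state = ''G'')
    REVOKE CONNECT FROM guest;
'
FROM sys.databases
WHERE name NOT IN (N'master', N'tempdb', N'msdb')
  AND state_desc = N'ONLINE';

EXEC sys.sp_executesql @sql;

-- Part 2: in master, where the extended procedures live, build a REVOKE for
-- each listed procedure on which public still holds a live EXECUTE grant.
USE master;
SET @sql = N'';

SELECT @sql += N'REVOKE EXECUTE ON ' + QUOTENAME(SCHEMA_NAME(o.schema_id))
             + N'.' + QUOTENAME(o.name) + N' FROM public;' + CHAR(10)
FROM sys.database_permissions dp
JOIN sys.database_principals pr ON pr.principal_id = dp.grantee_principal_id
JOIN sys.all_objects o ON o.object_id = dp.major_id
WHERE pr.name = N'public'
  AND dp.class = 1                       -- object-level permission
  AND dp.permission_name = N'EXECUTE'
  AND dp.state IN ('G', 'W')             -- GRANT / GRANT WITH GRANT OPTION
  AND o.name IN (N'sp_OACreate', N'sp_OAGetProperty', N'sp_OASetProperty',
                 N'sp_OAMethod', N'sp_OAGetErrorInfo', N'sp_OADestroy', N'sp_OAStop',
                 N'xp_regread', N'xp_regwrite', N'xp_regdeletekey', N'xp_regdeletevalue',
                 N'xp_regaddmultistring', N'xp_regremovemultistring',
                 N'xp_dirtree', N'xp_msver', N'xp_logevent');

PRINT @sql;                 -- review the generated statements first
EXEC sys.sp_executesql @sql;

-- The OLE Automation procedures are additionally gated by an instance option;
-- 0 here means they are switched off regardless of object permissions.
SELECT name, value_in_use
FROM sys.configurations
WHERE name = N'Ole Automation Procedures';
```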
hardening sql server ports
• the default SQL Server ports 1433/1434 are well known and a standard target for attackers
• by using SQL Server Configuration Manager you:
• can change the default port
• can use a specific TCP port instead of a dynamic one
• remember the related TCP/UDP ports (1433, 1434)
SECURITY
BEST
PRACTICES
Best Practice:
change default SQL Server port if it’s possible
disable sql server browser
• by default SQL Server Browser is disabled
• it is necessary to run it when multiple instances are running on a single server
• any Windows user with the following rights would be able to run the SQL
Server Browser service:
• deny access to this computer from the network / deny logon locally /
deny logon as a batch job
• deny logon through Terminal Services / log on as a service / read and
write the SQL Server registry keys related to network communication
(ports and pipes)
SECURITY
BEST
PRACTICES
Best Practice:
change default SQL Server port if it’s possible
secure service accounts
• different service accounts for different services
• dedicated low-privileges domain accounts
• check membership on a regular basis
• use strong and different passwords for each account
SECURITY
BEST
PRACTICES
Best Practice:
create a good plan and document service accounts and passwords
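A check for the service account table, the port slide and the service-account slide above, added here as an example and not part of the deck. It assumes SQL Server 2012 or later (sys.dm_tcp_listener_states) and a session holding VIEW SERVER STATE:

```sql
-- Added example, not from the slides.
-- Which account runs each service, and is any account shared between services?
-- services_on_this_account > 1 breaks the "different accounts for different
-- services" rule; LocalSystem/SYSTEM is flagged as high privilege.
SELECT servicename, service_account, startup_type_desc, status_desc,
       COUNT(*) OVER (PARTITION BY service_account) AS services_on_this_account,
       CASE
           WHEN service_account IN (N'LocalSystem', N'NT AUTHORITY\SYSTEM')
                THEN N'high privilege: review'
           WHEN service_account LIKE N'NT SERVICE\%'   THEN N'virtual account'
           WHEN service_account LIKE N'NT AUTHORITY\%' THEN N'built-in account'
           ELSE N'domain or local account'
       END AS account_kind
FROM sys.dm_server_services
ORDER BY servicename;

-- TCP listeners for T-SQL traffic: the slides warn that 1433 is the
-- well-known default, so a hardened instance should show another port here.
SELECT ip_address, port, type_desc, state_desc, start_time
FROM sys.dm_tcp_listener_states
WHERE type_desc = N'TSQL'
ORDER BY port;

-- Live connections per local port, useful when validating that clients
-- actually moved to the new port after a change.
SELECT local_tcp_port, COUNT(*) AS connections
FROM sys.dm_exec_connections
WHERE net_transport = N'TCP'
GROUP BY local_tcp_port
ORDER BY local_tcp_port;
```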
3 | SQL Server 2014 Security Enhancements
transparent data encryption
• first introduced with SQL Server 2008
• protecting data by performing I/O encryption and decryption for database and
log files
• passphrase (less secure), asymmetric key (strong protection, poor performance),
symmetric key (good performance, strong enough protection), certificate (strong
protection, good performance)
• New functionality for backup:
• takes non-encrypted backup data
• encrypt data before writing to disk
• compression is performed on the backup data first
• then encryption is applied to compressed data
• support for backup to Azure
SQL14 SECURITY
ENHANCEMENTS
encryption key management
• Encryption options include:
• encryption algorithm
• certificate or asymmetric key
• only an asymmetric key residing in EKM is supported
• multiple algorithms up to AES-256 are supported
• manageable by PowerShell, SMO, SSMS, T-SQL
• VERY IMPORTANT:
• asymmetric key or certificate MUST be backed up
• location MUST be different than backup location
• No RESTORE without asymmetric key or certificate
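The two encryption slides above as T-SQL, added here as an example and not part of the deck; the database `SalesDB`, the certificate names, file paths and passwords are placeholders:

```sql
-- Added example, not from the slides. Run as a sysadmin; SalesDB, the
-- certificate names, paths and passwords are placeholders.
USE master;
-- The database master key protects the certificates; the certificates are
-- what every later RESTORE depends on, hence the backups at the end.
CREATE MASTER KEY ENCRYPTION BY PASSWORD = N'<strong-dmk-password-placeholder>';
CREATE CERTIFICATE TDECert    WITH SUBJECT = N'TDE certificate for SalesDB';
CREATE CERTIFICATE BackupCert WITH SUBJECT = N'Backup encryption certificate';

-- Transparent Data Encryption: the DEK lives inside the user database and is
-- protected by the server certificate held in master.
USE SalesDB;
CREATE DATABASE ENCRYPTION KEY
    WITH ALGORITHM = AES_256
    ENCRYPTION BY SERVER CERTIFICATE TDECert;
ALTER DATABASE SalesDB SET ENCRYPTION ON;
-- encryption_state: 2 = encryption in progress, 3 = encrypted.
SELECT DB_NAME(database_id) AS db, encryption_state, key_algorithm, key_length
FROM sys.dm_database_encryption_keys;

-- SQL Server 2014 backup encryption: compression runs first, then encryption.
BACKUP DATABASE SalesDB
    TO DISK = N'D:\Backups\SalesDB_full.bak'
    WITH COMPRESSION,
         ENCRYPTION (ALGORITHM = AES_256, SERVER CERTIFICATE = BackupCert),
         CHECKSUM, STATS = 10;

-- msdb records which algorithm and which certificate protect each backup set.
SELECT database_name, backup_finish_date, key_algorithm,
       encryptor_type, encryptor_thumbprint
FROM msdb.dbo.backupset
WHERE database_name = N'SalesDB'
ORDER BY backup_finish_date DESC;

-- The slides' "VERY IMPORTANT" step: export each certificate with its private
-- key to a location that is NOT the backup location. Without these files the
-- encrypted backups and the TDE database cannot be restored elsewhere.
USE master;
BACKUP CERTIFICATE BackupCert
    TO FILE = N'\\keystore-share\certs\BackupCert.cer'
    WITH PRIVATE KEY (FILE = N'\\keystore-share\certs\BackupCert.pvk',
                      ENCRYPTION BY PASSWORD = N'<strong-pvk-password-placeholder>');
BACKUP CERTIFICATE TDECert
    TO FILE = N'\\keystore-share\certs\TDECert.cer'
    WITH PRIVATE KEY (FILE = N'\\keystore-share\certs\TDECert.pvk',
                      ENCRYPTION BY PASSWORD = N'<strong-pvk-password-placeholder>');
```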
SQL14 SECURITY
ENHANCEMENTS
connect any database
• new server-level permission
• grant CONNECT ANY DATABASE to a login that must connect to all databases that
currently exist and any created in the future
• does not grant any permission in any database beyond connect
• to allow an auditing process to view all data or all database states CONNECT ANY
DATABASE may be combined with:
• SELECT ALL USER SECURABLES
• VIEW SERVER STATE
SQL14 SECURITY
ENHANCEMENTS
impersonate any login
• new server-level permission
• when granted IMPERSONATE ANY LOGIN allows a middle-tier process to impersonate
the account of clients connecting to it
• when denied IMPERSONATE ANY LOGIN a high privileged login can be blocked from
impersonating other logins
• example:
CONTROL SERVER permission can be blocked
from impersonating other logins
SQL14 SECURITY
ENHANCEMENTS
select all user securables
• new server-level permission
• when granted SELECT ALL USER SECURABLES a login (for example for auditing
purposes) can view data in all databases that the user can connect to
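The three SQL Server 2014 server-level permissions above combined into an auditor login and a restricted middle-tier login, added here as an example and not part of the deck; the `CONTOSO\` logins are placeholders:

```sql
-- Added example, not from the slides. CONTOSO\ names are placeholders.
-- Read-only auditor: may connect to every current and future database and
-- read all user data, but gets no write permission and cannot impersonate.
CREATE LOGIN [CONTOSO\svc-dbaudit] FROM WINDOWS;
GRANT CONNECT ANY DATABASE       TO [CONTOSO\svc-dbaudit];
GRANT SELECT ALL USER SECURABLES TO [CONTOSO\svc-dbaudit];
GRANT VIEW SERVER STATE          TO [CONTOSO\svc-dbaudit];

-- Middle-tier service holding CONTROL SERVER that must not assume client
-- identities. The DENY binds a CONTROL SERVER holder; members of the
-- sysadmin role are not subject to DENY, so keep this login out of sysadmin.
CREATE LOGIN [CONTOSO\svc-apptier] FROM WINDOWS;
GRANT CONTROL SERVER       TO [CONTOSO\svc-apptier];
DENY IMPERSONATE ANY LOGIN TO [CONTOSO\svc-apptier];

-- Verify the effective result from each login's own point of view.
EXECUTE AS LOGIN = N'CONTOSO\svc-dbaudit';
SELECT HAS_PERMS_BY_NAME(NULL, NULL, 'CONNECT ANY DATABASE')       AS can_connect_any,
       HAS_PERMS_BY_NAME(NULL, NULL, 'SELECT ALL USER SECURABLES') AS can_select_all,
       HAS_PERMS_BY_NAME(NULL, NULL, 'IMPERSONATE ANY LOGIN')      AS can_impersonate;
REVERT;

EXECUTE AS LOGIN = N'CONTOSO\svc-apptier';
SELECT HAS_PERMS_BY_NAME(NULL, NULL, 'CONTROL SERVER')        AS has_control_server,
       HAS_PERMS_BY_NAME(NULL, NULL, 'IMPERSONATE ANY LOGIN') AS can_impersonate;
REVERT;

-- Server-level grants and denies recorded for both logins.
SELECT p.name, sp.permission_name, sp.state_desc
FROM sys.server_permissions sp
JOIN sys.server_principals p ON p.principal_id = sp.grantee_principal_id
WHERE p.name IN (N'CONTOSO\svc-dbaudit', N'CONTOSO\svc-apptier')
ORDER BY p.name, sp.permission_name;
```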
SQL14 SECURITY
ENHANCEMENTS
SQL Server Express Security
• by default:
• instance name: SQLExpress
• networking protocol: disabled
• sql server browser: disabled
• user (local) instances:
• separated instance generated from parent instance
• sysadmin privileges on SQL Express on local machine
• runs as user process not as service process
• only windows logins are supported
• RANU instance (run as normal user)
4 | SQL Server Security In The Cloud
Cloud Security
Microsoft Cloud Security Approach in a Nutshell
• Principles, patterns, and practices
• Security engineering
• Threats and countermeasures
• Secure the network, host, and application
• Application scenarios and solutions
• Security frame
• People, process, and technology
• Application, infrastructure, and business http://bit.ly/1zmeYi2
Security Model
• uses regular sql security model
• authenticate logins, map to users and roles
• authorize users and roles to sql objects
• support for standard sql auth logins
• username + password
• {admin, administrator, guest, root, sa}
Security model is 100% compatible with on-premise SQL
Security Requirements for Azure Platform
Microsoft Azure Datacenters
• North America
• North-central US - Chicago, IL
• South-central US - San Antonio, TX
• West US - California
• East US - Virginia
• Asia
• East Asia - Hong Kong, China
• South East Asia – Singapore
• South America
• Brazil – Sao Paulo
• Europe
• North Europe - Dublin, Ireland
• West Europe - Amsterdam,
Netherlands
• Japan
• Japan East, the Tokyo area
• Japan West, the Kansai area
• Oceania (announced, coming soon)
• Sydney, New South Wales
• Melbourne, Victoria
Security Requirements for Azure Platform
• As a service provider Microsoft is obliged to pass several security
standards and audits:
• ISO 27001/27002 Audit and Certification
• SOC 1/SSAE 16/ISAE 3402 and SOC 2 Attestations
• Cloud Security Alliance (CSA) Cloud Controls Matrix (CCM)
• Payment Card Industry (PCI) Data Security Standards (DSS) Level 1
Security Requirements for Azure Platform
They also pass (…) several data security audits:
• Australian Government Information Security Registered Assessors Program (IRAP)
• United Kingdom G-Cloud Australian Government IRAP
• Multi-Tier Cloud Security Standard for Singapore (MTCS SS 584:2013)
• HIPAA Business Associate Agreement (BAA)
• EU Model Clauses
• Food and Drug Administration 21 CFR Part 11
• Family Educational Rights and Privacy Act (FERPA)
• Federal Information Processing Standard (FIPS) 140-2
• Trusted Cloud Service Certification developed by China Cloud Computing Promotion and Policy Forum
(CCCPPF)
• Multi-Level Protection Scheme (MLPS)
Security Requirements for Azure Platform
ISO/IEC 27001:2005 Audit and Certification
ISO Scope: The following Azure features are in scope for the current ISO audit: Cloud Services (including
Fabric and RDFE), Storage (Tables, Blobs, Queues), Virtual Machines (including with SQL Server), Virtual
Network, Traffic Manager, Web Sites, BizTalk Services, Media Services, Mobile Services, Service Bus,
Workflow, Multi-Factor Authentication, Active Directory, Right Management Service, SQL Database, and
HDInsight. This includes the Information Security Management System (ISMS) for Azure, encompassing
infrastructure, development, operations, and support for these features. Also included are Power BI for
Office 365 and Power Query Service.
SOC 1 and SOC 2 SSAE 16/ISAE 3402 Attestations
Scope: The following Azure features are in scope for the current SOC 1 Type 2 and SOC 2 Type 2 attestations:
Cloud Services (includes stateless Web, and Worker roles), Storage (Tables, Blobs, Queues), Virtual Machines
(includes persistent virtual machines for use with supported operating systems) and Virtual Network
(includes Traffic Manager).
Security Requirements for Azure Platform
And of course requirements for Data Centers:
• Physical security of the data centers (locks, cameras, biometric devices, card readers,
alarms)
• Firewalls, application gateways and IDS to protect the network
• Access Control Lists (ACLs) applied to virtual local area networks (VLANs) and applications
• Authentication and authorization of persons or processes that request access to data
• Hardening of the servers and operating system instances
• Redundant internal and external DNS infrastructure with restricted write access
• Securing of virtual machine objects
• Securing of static and dynamic storage containers
SQL Server 2005 {9.0} NON-Compatibility
• Common Language Runtime (CLR) and CLR User-Defined Types
• Database Mirroring
• Service Broker
• Table Partitioning
• Typed XML and XML indexing is not supported. The XML data type is supported
by SQL Azure.
SQL Server 2008 {10.0} NON-Compatibility
• Change Data Capture
• Data Auditing
• Data Compression
• Extended Events
• External Key Management / Extensible Key Management
• FILESTREAM Data
• Integrated Full-Text Search
• Large User-Defined Aggregates (UDAs)
• Large User-Defined Types (UDTs)
• Performance Data Collection (Data Collector)
• Policy-Based Management
• Resource Governor
• SQL Server Replication
• Transparent Data Encryption
SQL Server 2008 R2 {10.50} NON-Compatibility
• SQL Server Utility
• SQL Server PowerShell Provider
• Master Data Services
SQL Server Management Studio does not support
Windows Azure SQL Database
in versions prior to SQL Server 2008 R2
Summary
SQL Server Security in the Cloud
• Same security principles as on-premises SQL Server
• Full responsibility for the DBA with a Virtual Machine
• Partial responsibility for the DBA with Azure SQL Database
• Automatic updates for Azure SQL Database
• New functionality implemented by Microsoft
• Some incompatibilities with T-SQL, functions, stored procedures
• Increased security by default on the Azure platform
SQL Server in Cloud: WASD vs VM
Choose Azure SQL Database, if:
• You are building brand new, cloud-based applications; or you want to migrate your existing SQL Server database to
Azure and your database is not using one of the unsupported functionalities in Azure SQL Database. For more
information, see Azure SQL Database Transact-SQL Reference. This approach provides the benefits of a fully managed
cloud service and ensures the fast time-to-market.
• You want to have Microsoft perform common management operations on your databases and require stronger
availability SLAs for databases. This approach can minimize the administration costs and at the same time provides a
guaranteed availability for the database.
Choose SQL Server in Azure VM, if:
• You have existing on-premises applications and wish to stop maintaining your own hardware or you consider hybrid
solutions. This approach lets you get access to high database capacity faster and also connects your on-premises
applications to the cloud via a secure tunnel.
• You have existing IT resources, need full administrative rights over SQL Server, and require the full compatibility with
on-premises SQL Server (for example, some features do not exist in Azure SQL Database). This approach lets you
minimize costs for development or modifications of existing applications with the flexibility to run most applications. In
addition, it provides full control on the VM, operating system, and database configuration.
Appendix (Links And Credits)
links
• ISECOM (the Institute for Security and Open Methodologies)
• http://www.isecom.org/about-us.html
• OSSTMM (Open Source Security Testing Methodology Manual)
• http://www.isecom.org/research/osstmm.html
• Library of Resources for Industrial Control System Cyber Security
• https://scadahacker.com/library/index.html
• patterns & practices: Cloud Security Approach in a Nutshell
• https://technet.microsoft.com/en-us/ff742848.aspx
• Microsoft Azure Trust Center: Security
• http://azure.microsoft.com/en-us/support/trust-center/security/
• 10 Things to know about Azure Security
• https://technet.microsoft.com/en-us/cloud/gg663906.aspx
• Security Best Practice and Label Security Whitepapers
• http://blogs.msdn.com/b/sqlsecurity/archive/2012/03/07/security-best-practice-and-label-security-whitepapers.aspx
links
• Hello Secure World
• http://www.microsoft.com/click/hellosecureworld/default.mspx
• SQL Server Label Security Toolkit
• http://sqlserverlst.codeplex.com/
SQL Server Best Practices Analyzer
• Microsoft Baseline Configuration Analyzer 2.0
• http://www.microsoft.com/en-us/download/details.aspx?id=16475
• SQL Server 2005 Best Practices Analyzer (August 2008)
• http://www.microsoft.com/en-us/download/details.aspx?id=23864
• Microsoft® SQL Server® 2008 R2 Best Practices Analyzer
• http://www.microsoft.com/en-us/download/details.aspx?id=15289
• Microsoft® SQL Server® 2012 Best Practices Analyzer
• http://www.microsoft.com/en-us/download/details.aspx?id=29302
links
• Microsoft Security Assessment Tool
• http://www.microsoft.com/downloads/details.aspx?FamilyID=6D79DF9C-C6D1-4E8F-8000-0BE72B430212&displaylang=en
• Microsoft Application Verifier
• http://www.microsoft.com/downloads/details.aspx?FamilyID=bd02c19c-1250-433c-8c1b-2619bd93b3a2&DisplayLang=en
• Microsoft Threat Analysis & Modelling Tool
• http://www.microsoft.com/downloads/details.aspx?FamilyID=59888078-9daf-4e96-b7d1-944703479451&DisplayLang=en
• How To: Protect From SQL Injection in ASP.NET
• http://msdn2.microsoft.com/en-us/library/ms998271.aspx
• Securing Your Database Server
• http://msdn.microsoft.com/en-us/library/aa302434.aspx
• Threats and Countermeasures
• http://www.microsoft.com/technet/security/guidance/serversecurity/tcg/tcgch00.mspx
links
• Configure Windows Service Accounts and Permissions
• https://msdn.microsoft.com/en-us/library/ms143504.aspx#Network_Service
• Select an Account for the SQL Server Agent Service
• https://msdn.microsoft.com/en-us/library/ms191543.aspx
• Server Configuration - Service Accounts
• https://msdn.microsoft.com/en-us/library/cc281953.aspx
azure resources: security
• Azure Security: Technical Insights
• Security Best Practices for Developing Azure Solutions
• Protecting Data in Azure
• Azure Network Security
• Microsoft Antimalware for Azure Cloud Services and Virtual Machines
• Microsoft Enterprise Cloud Red Teaming
• Microsoft Azure Security and Audit Log Management
• Security Management in Microsoft Azure
• Crypto Services and Data Security in Azure
azure resources: security & privacy
• Business Continuity for Azure
• Understanding Security Account Management in Azure
• Azure Data Security: Cleansing and Leakage
• Scenarios and Solutions Using Azure Active Directory Access Control
• Securing and Authenticating a Service Bus Connection
• Azure Privacy Overview (PDF)
• Azure Privacy Statement
• Law Enforcement Request Report
• Protecting Data and Privacy in the Cloud
azure resources: compliance & more
• Response to Cloud Security Alliance Cloud Controls Matrix (DOC)
• Azure HIPAA Implementation Guidance (PDF)
• Azure Customer PCI Guide (PDF)
• The Microsoft Approach to Cloud Transparency (PDF)
• Microsoft Trustworthy Computing
• Operational Security for Online Services Overview (PDF)
• Data Classification for Cloud Readiness
• CISO Perspectives on Data Classification (PDF)
• An Introduction to Designing Reliable Cloud Services (PDF)
• Deploying Highly Available and Secure Cloud Solutions (PDF)
azure resources
RESOURCE | DESCRIPTION
MSDN: Azure SQL Database | Links to the library documentation.
MSDN: SQL Server in Azure Virtual Machines | Links to the library documentation.
Azure.com: Azure SQL Database | Links to the library documentation.
Azure SQL Database and SQL Server -- Performance and Scalability Compared and Contrasted | This article explains performance differences and troubleshooting techniques when using Azure SQL Database and SQL Server running on-premises or in a VM.
Application Patterns and Development Strategies for SQL Server in Azure Virtual Machines | This article discusses the most common application patterns that apply to SQL Server in Azure VMs and also hybrid scenarios including Azure SQL Database.
Microsoft Enterprise Library Transient Fault Handling Application Block | This library lets developers make their applications running on Azure SQL Database more resilient by adding robust transient fault handling logic. Transient faults are errors that occur because of some temporary condition such as network connectivity issues or service unavailability. Since Azure SQL Database is a multitenant service, it is important to handle such errors to minimize any application downtime.
credits
• Yes, 123456 is the most common password, but here’s why that’s misleading
http://arstechnica.com/security/2015/01/yes-123456-is-the-most-common-password-but-heres-why-thats-misleading/
• CIO’s are Listening, Security is Important…
https://communities.intel.com/community/itpeernetwork/blog/2014/05/20/cio-s-are-listening-security-is-important
after session
CONTACT:
• MAIL: KoprowskiT@windowslive.com
• SOCIAL MEDIA: facebook, twitter, linkedin, xing
SLIDES FROM SESSION:
• SlideShare Profile: http://www.slideshare.net/Anorak
• SQL Relay Site: http://www.sqlrelay.co.uk
BLOGS:
• ITPRO Anorak’s Vision: http://itblogs.pl/notbeautifulanymore/ [PL/EN]
• Volume Licensing Specialties: http://koprowskit.eu/licensing/ [PL]
• My MVP Blog: http://koprowskit.eu/geek/ [EN/ES/RU/NL/PL]
African Americans: College Majors and Earnings CEW Georgetown
 
3 hard facts shaping higher education thinking and behavior
3 hard facts shaping higher education thinking and behavior3 hard facts shaping higher education thinking and behavior
3 hard facts shaping higher education thinking and behaviorGrant Thornton LLP
 
The Online College Labor Market
The Online College Labor MarketThe Online College Labor Market
The Online College Labor MarketCEW Georgetown
 

En vedette (14)

PLSSUG Meeting - Wysoka dostepność SQL Server 2008 w kontekscie umów SLA
PLSSUG Meeting - Wysoka dostepność SQL Server 2008 w kontekscie umów SLAPLSSUG Meeting - Wysoka dostepność SQL Server 2008 w kontekscie umów SLA
PLSSUG Meeting - Wysoka dostepność SQL Server 2008 w kontekscie umów SLA
 
Beginning to Spatial Data in SQL Server 2008
Beginning to Spatial Data in SQL Server 2008Beginning to Spatial Data in SQL Server 2008
Beginning to Spatial Data in SQL Server 2008
 
Tomasz Kopacz MTS 2012 Azure - Co i kiedy użyć (IaaS vs paas vshybrid cloud v...
Tomasz Kopacz MTS 2012 Azure - Co i kiedy użyć (IaaS vs paas vshybrid cloud v...Tomasz Kopacz MTS 2012 Azure - Co i kiedy użyć (IaaS vs paas vshybrid cloud v...
Tomasz Kopacz MTS 2012 Azure - Co i kiedy użyć (IaaS vs paas vshybrid cloud v...
 
Virtual Study Beta Exam 71-663 Exchange 2010 Designing And Deploying Messagin...
Virtual Study Beta Exam 71-663 Exchange 2010 Designing And Deploying Messagin...Virtual Study Beta Exam 71-663 Exchange 2010 Designing And Deploying Messagin...
Virtual Study Beta Exam 71-663 Exchange 2010 Designing And Deploying Messagin...
 
3 Things Every Sales Team Needs to Be Thinking About in 2017
3 Things Every Sales Team Needs to Be Thinking About in 20173 Things Every Sales Team Needs to Be Thinking About in 2017
3 Things Every Sales Team Needs to Be Thinking About in 2017
 
Presentation 1er Groupe De Travail Version Finale
Presentation 1er Groupe De Travail  Version FinalePresentation 1er Groupe De Travail  Version Finale
Presentation 1er Groupe De Travail Version Finale
 
Wysoka Dostępność SQL Server 2008 w kontekscie umów SLA
Wysoka Dostępność SQL Server 2008 w kontekscie umów SLAWysoka Dostępność SQL Server 2008 w kontekscie umów SLA
Wysoka Dostępność SQL Server 2008 w kontekscie umów SLA
 
How Social and the Cloud Impact Your Governance Strategy
How Social and the Cloud Impact Your Governance StrategyHow Social and the Cloud Impact Your Governance Strategy
How Social and the Cloud Impact Your Governance Strategy
 
Nine Pages You Should Optimize on Your Blog and How
Nine Pages You Should Optimize on Your Blog and HowNine Pages You Should Optimize on Your Blog and How
Nine Pages You Should Optimize on Your Blog and How
 
Recovery: Job Growth and Education Requirements Through 2020
Recovery: Job Growth and Education Requirements Through 2020Recovery: Job Growth and Education Requirements Through 2020
Recovery: Job Growth and Education Requirements Through 2020
 
Beyond the Gig Economy
Beyond the Gig EconomyBeyond the Gig Economy
Beyond the Gig Economy
 
African Americans: College Majors and Earnings
African Americans: College Majors and Earnings African Americans: College Majors and Earnings
African Americans: College Majors and Earnings
 
3 hard facts shaping higher education thinking and behavior
3 hard facts shaping higher education thinking and behavior3 hard facts shaping higher education thinking and behavior
3 hard facts shaping higher education thinking and behavior
 
The Online College Labor Market
The Online College Labor MarketThe Online College Labor Market
The Online College Labor Market
 

Similaire à KoprowskiT_SQLRelayCaerdydd_SQLSecurityInTheClouds

KoprowskiT_SQLSatHolland_SQLServerSecurityInTheCloud
KoprowskiT_SQLSatHolland_SQLServerSecurityInTheCloudKoprowskiT_SQLSatHolland_SQLServerSecurityInTheCloud
KoprowskiT_SQLSatHolland_SQLServerSecurityInTheCloudTobias Koprowski
 
ITCamp 2018 - Tobiasz Koprowski - Secure your data at rest - on demand, now!
ITCamp 2018 - Tobiasz Koprowski - Secure your data at rest - on demand, now!ITCamp 2018 - Tobiasz Koprowski - Secure your data at rest - on demand, now!
ITCamp 2018 - Tobiasz Koprowski - Secure your data at rest - on demand, now!ITCamp
 
Presentation database security audit vault & database firewall
Presentation   database security audit vault & database firewallPresentation   database security audit vault & database firewall
Presentation database security audit vault & database firewallxKinAnx
 
Isaca sql server 2008 r2 security & auditing
Isaca sql server 2008 r2 security & auditingIsaca sql server 2008 r2 security & auditing
Isaca sql server 2008 r2 security & auditingAntonios Chatzipavlis
 
Azure SQL Database Introduction by Tim Radney
Azure SQL Database Introduction by Tim RadneyAzure SQL Database Introduction by Tim Radney
Azure SQL Database Introduction by Tim RadneyHasan Savran
 
SQLi for Security Champions
SQLi for Security ChampionsSQLi for Security Champions
SQLi for Security ChampionsPetraVukmirovic
 
MySQL Tech Tour 2015 - 5.7 Security
MySQL Tech Tour 2015 - 5.7 SecurityMySQL Tech Tour 2015 - 5.7 Security
MySQL Tech Tour 2015 - 5.7 SecurityMark Swarbrick
 
Going outside the application
Going outside the applicationGoing outside the application
Going outside the applicationMatthew Saltzman
 
Geek Sync | Handling HIPAA Compliance with Your Data Access
Geek Sync | Handling HIPAA Compliance with Your Data AccessGeek Sync | Handling HIPAA Compliance with Your Data Access
Geek Sync | Handling HIPAA Compliance with Your Data AccessIDERA Software
 
Elk its big log season
Elk its big log seasonElk its big log season
Elk its big log seasonEric Luellen
 
Security of Oracle EBS - How I can Protect my System (UKOUG APPS 18 edition)
Security of Oracle EBS - How I can Protect my System (UKOUG APPS 18 edition)Security of Oracle EBS - How I can Protect my System (UKOUG APPS 18 edition)
Security of Oracle EBS - How I can Protect my System (UKOUG APPS 18 edition)Andrejs Prokopjevs
 
The Dark Side of Powerful Users
The Dark Side of Powerful UsersThe Dark Side of Powerful Users
The Dark Side of Powerful UsersHelpSystems
 
Modern Data Security with MySQL
Modern Data Security with MySQLModern Data Security with MySQL
Modern Data Security with MySQLVittorio Cioe
 
AWS Summit 2013 | India - Extend your Datacenter in the Cloud and achieve Hig...
AWS Summit 2013 | India - Extend your Datacenter in the Cloud and achieve Hig...AWS Summit 2013 | India - Extend your Datacenter in the Cloud and achieve Hig...
AWS Summit 2013 | India - Extend your Datacenter in the Cloud and achieve Hig...Amazon Web Services
 
SQLCAT: Addressing Security and Compliance Issues with SQL Server 2008
SQLCAT: Addressing Security and Compliance Issues with SQL Server 2008SQLCAT: Addressing Security and Compliance Issues with SQL Server 2008
SQLCAT: Addressing Security and Compliance Issues with SQL Server 2008Denny Lee
 
Shiny, Let’s Be Bad Guys: Exploiting and Mitigating the Top 10 Web App Vulner...
Shiny, Let’s Be Bad Guys: Exploiting and Mitigating the Top 10 Web App Vulner...Shiny, Let’s Be Bad Guys: Exploiting and Mitigating the Top 10 Web App Vulner...
Shiny, Let’s Be Bad Guys: Exploiting and Mitigating the Top 10 Web App Vulner...Michael Pirnat
 
Centrify Access Manager Presentation.pptx
Centrify Access Manager Presentation.pptxCentrify Access Manager Presentation.pptx
Centrify Access Manager Presentation.pptxjohncenafls
 

Similaire à KoprowskiT_SQLRelayCaerdydd_SQLSecurityInTheClouds (20)

KoprowskiT_SQLSatHolland_SQLServerSecurityInTheCloud
KoprowskiT_SQLSatHolland_SQLServerSecurityInTheCloudKoprowskiT_SQLSatHolland_SQLServerSecurityInTheCloud
KoprowskiT_SQLSatHolland_SQLServerSecurityInTheCloud
 
ITCamp 2018 - Tobiasz Koprowski - Secure your data at rest - on demand, now!
ITCamp 2018 - Tobiasz Koprowski - Secure your data at rest - on demand, now!ITCamp 2018 - Tobiasz Koprowski - Secure your data at rest - on demand, now!
ITCamp 2018 - Tobiasz Koprowski - Secure your data at rest - on demand, now!
 
Presentation database security audit vault & database firewall
Presentation   database security audit vault & database firewallPresentation   database security audit vault & database firewall
Presentation database security audit vault & database firewall
 
Isaca sql server 2008 r2 security & auditing
Isaca sql server 2008 r2 security & auditingIsaca sql server 2008 r2 security & auditing
Isaca sql server 2008 r2 security & auditing
 
Azure SQL Database Introduction by Tim Radney
Azure SQL Database Introduction by Tim RadneyAzure SQL Database Introduction by Tim Radney
Azure SQL Database Introduction by Tim Radney
 
SQLi for Security Champions
SQLi for Security ChampionsSQLi for Security Champions
SQLi for Security Champions
 
MySQL Tech Tour 2015 - 5.7 Security
MySQL Tech Tour 2015 - 5.7 SecurityMySQL Tech Tour 2015 - 5.7 Security
MySQL Tech Tour 2015 - 5.7 Security
 
Going outside the application
Going outside the applicationGoing outside the application
Going outside the application
 
Geek Sync | Handling HIPAA Compliance with Your Data Access
Geek Sync | Handling HIPAA Compliance with Your Data AccessGeek Sync | Handling HIPAA Compliance with Your Data Access
Geek Sync | Handling HIPAA Compliance with Your Data Access
 
Elk its big log season
Elk its big log seasonElk its big log season
Elk its big log season
 
Security of Oracle EBS - How I can Protect my System (UKOUG APPS 18 edition)
Security of Oracle EBS - How I can Protect my System (UKOUG APPS 18 edition)Security of Oracle EBS - How I can Protect my System (UKOUG APPS 18 edition)
Security of Oracle EBS - How I can Protect my System (UKOUG APPS 18 edition)
 
The Dark Side of Powerful Users
The Dark Side of Powerful UsersThe Dark Side of Powerful Users
The Dark Side of Powerful Users
 
Privileged Access Management
Privileged Access ManagementPrivileged Access Management
Privileged Access Management
 
Dakotacon 2017
Dakotacon 2017Dakotacon 2017
Dakotacon 2017
 
Modern Data Security with MySQL
Modern Data Security with MySQLModern Data Security with MySQL
Modern Data Security with MySQL
 
AWS Summit 2013 | India - Extend your Datacenter in the Cloud and achieve Hig...
AWS Summit 2013 | India - Extend your Datacenter in the Cloud and achieve Hig...AWS Summit 2013 | India - Extend your Datacenter in the Cloud and achieve Hig...
AWS Summit 2013 | India - Extend your Datacenter in the Cloud and achieve Hig...
 
SQLCAT: Addressing Security and Compliance Issues with SQL Server 2008
SQLCAT: Addressing Security and Compliance Issues with SQL Server 2008SQLCAT: Addressing Security and Compliance Issues with SQL Server 2008
SQLCAT: Addressing Security and Compliance Issues with SQL Server 2008
 
An easy way into your sap systems v3.0
An easy way into your sap systems v3.0An easy way into your sap systems v3.0
An easy way into your sap systems v3.0
 
Shiny, Let’s Be Bad Guys: Exploiting and Mitigating the Top 10 Web App Vulner...
Shiny, Let’s Be Bad Guys: Exploiting and Mitigating the Top 10 Web App Vulner...Shiny, Let’s Be Bad Guys: Exploiting and Mitigating the Top 10 Web App Vulner...
Shiny, Let’s Be Bad Guys: Exploiting and Mitigating the Top 10 Web App Vulner...
 
Centrify Access Manager Presentation.pptx
Centrify Access Manager Presentation.pptxCentrify Access Manager Presentation.pptx
Centrify Access Manager Presentation.pptx
 

Plus de Tobias Koprowski

KoprowskiT_2AMaDisasterJustBeganAD2018
KoprowskiT_2AMaDisasterJustBeganAD2018KoprowskiT_2AMaDisasterJustBeganAD2018
KoprowskiT_2AMaDisasterJustBeganAD2018Tobias Koprowski
 
DataMindsConnect2018_SECDEVOPS
DataMindsConnect2018_SECDEVOPSDataMindsConnect2018_SECDEVOPS
DataMindsConnect2018_SECDEVOPSTobias Koprowski
 
KoprowskiT_SQLDay2016_2AMaDisasterJustBegan
KoprowskiT_SQLDay2016_2AMaDisasterJustBeganKoprowskiT_SQLDay2016_2AMaDisasterJustBegan
KoprowskiT_SQLDay2016_2AMaDisasterJustBeganTobias Koprowski
 
KoprowskiT_SQLSatDenmark_WASDforBeginners
KoprowskiT_SQLSatDenmark_WASDforBeginnersKoprowskiT_SQLSatDenmark_WASDforBeginners
KoprowskiT_SQLSatDenmark_WASDforBeginnersTobias Koprowski
 
KoprowskiT_session1_SDNEvent_WASDforBeginners
KoprowskiT_session1_SDNEvent_WASDforBeginnersKoprowskiT_session1_SDNEvent_WASDforBeginners
KoprowskiT_session1_SDNEvent_WASDforBeginnersTobias Koprowski
 
KoprowskiT_SQLSaturdayManchester_2AMaDisasterJustbegan
KoprowskiT_SQLSaturdayManchester_2AMaDisasterJustbeganKoprowskiT_SQLSaturdayManchester_2AMaDisasterJustbegan
KoprowskiT_SQLSaturdayManchester_2AMaDisasterJustbeganTobias Koprowski
 
KoprowskiT_SQLSaturday409_MaintenancePlansForBeginners
KoprowskiT_SQLSaturday409_MaintenancePlansForBeginnersKoprowskiT_SQLSaturday409_MaintenancePlansForBeginners
KoprowskiT_SQLSaturday409_MaintenancePlansForBeginnersTobias Koprowski
 
KoprowskiT_SPBizConf_2AMaDisasterJustBegan
KoprowskiT_SPBizConf_2AMaDisasterJustBeganKoprowskiT_SPBizConf_2AMaDisasterJustBegan
KoprowskiT_SPBizConf_2AMaDisasterJustBeganTobias Koprowski
 
KoprowskiT_InfoTRAMS_TrustThePrimer
KoprowskiT_InfoTRAMS_TrustThePrimerKoprowskiT_InfoTRAMS_TrustThePrimer
KoprowskiT_InfoTRAMS_TrustThePrimerTobias Koprowski
 
KoprowskiT_SQLSat419_WADBforBeginners
KoprowskiT_SQLSat419_WADBforBeginnersKoprowskiT_SQLSat419_WADBforBeginners
KoprowskiT_SQLSat419_WADBforBeginnersTobias Koprowski
 
KoprowskiT_ESRM_TrustThePrimer
KoprowskiT_ESRM_TrustThePrimerKoprowskiT_ESRM_TrustThePrimer
KoprowskiT_ESRM_TrustThePrimerTobias Koprowski
 
KoprowskiT_ECCV_Trust.ThePrimer
KoprowskiT_ECCV_Trust.ThePrimerKoprowskiT_ECCV_Trust.ThePrimer
KoprowskiT_ECCV_Trust.ThePrimerTobias Koprowski
 
KoprowskiT_SQLRelay2014#9_London_FromPlanToBackupToCloud
KoprowskiT_SQLRelay2014#9_London_FromPlanToBackupToCloudKoprowskiT_SQLRelay2014#9_London_FromPlanToBackupToCloud
KoprowskiT_SQLRelay2014#9_London_FromPlanToBackupToCloudTobias Koprowski
 
KoprowskiT_SQLRelay2014#6_Leeds_WADBForBeginners
KoprowskiT_SQLRelay2014#6_Leeds_WADBForBeginnersKoprowskiT_SQLRelay2014#6_Leeds_WADBForBeginners
KoprowskiT_SQLRelay2014#6_Leeds_WADBForBeginnersTobias Koprowski
 
KoprowskiT_SQLRelay2014#5_Newcastle_FromPlanToBackupToCloud
KoprowskiT_SQLRelay2014#5_Newcastle_FromPlanToBackupToCloudKoprowskiT_SQLRelay2014#5_Newcastle_FromPlanToBackupToCloud
KoprowskiT_SQLRelay2014#5_Newcastle_FromPlanToBackupToCloudTobias Koprowski
 
KoprowskiT_SQLRelay2014#4_Caerdydd_MaintenancePlansForBeginners
KoprowskiT_SQLRelay2014#4_Caerdydd_MaintenancePlansForBeginnersKoprowskiT_SQLRelay2014#4_Caerdydd_MaintenancePlansForBeginners
KoprowskiT_SQLRelay2014#4_Caerdydd_MaintenancePlansForBeginnersTobias Koprowski
 

Plus de Tobias Koprowski (17)

KoprowskiT_2AMaDisasterJustBeganAD2018
KoprowskiT_2AMaDisasterJustBeganAD2018KoprowskiT_2AMaDisasterJustBeganAD2018
KoprowskiT_2AMaDisasterJustBeganAD2018
 
DataMindsConnect2018_SECDEVOPS
DataMindsConnect2018_SECDEVOPSDataMindsConnect2018_SECDEVOPS
DataMindsConnect2018_SECDEVOPS
 
KoprowskiT_SQLDay2016_2AMaDisasterJustBegan
KoprowskiT_SQLDay2016_2AMaDisasterJustBeganKoprowskiT_SQLDay2016_2AMaDisasterJustBegan
KoprowskiT_SQLDay2016_2AMaDisasterJustBegan
 
KoprowskiT_SBIPTI_Keynote
KoprowskiT_SBIPTI_KeynoteKoprowskiT_SBIPTI_Keynote
KoprowskiT_SBIPTI_Keynote
 
KoprowskiT_SQLSatDenmark_WASDforBeginners
KoprowskiT_SQLSatDenmark_WASDforBeginnersKoprowskiT_SQLSatDenmark_WASDforBeginners
KoprowskiT_SQLSatDenmark_WASDforBeginners
 
KoprowskiT_session1_SDNEvent_WASDforBeginners
KoprowskiT_session1_SDNEvent_WASDforBeginnersKoprowskiT_session1_SDNEvent_WASDforBeginners
KoprowskiT_session1_SDNEvent_WASDforBeginners
 
KoprowskiT_SQLSaturdayManchester_2AMaDisasterJustbegan
KoprowskiT_SQLSaturdayManchester_2AMaDisasterJustbeganKoprowskiT_SQLSaturdayManchester_2AMaDisasterJustbegan
KoprowskiT_SQLSaturdayManchester_2AMaDisasterJustbegan
 
KoprowskiT_SQLSaturday409_MaintenancePlansForBeginners
KoprowskiT_SQLSaturday409_MaintenancePlansForBeginnersKoprowskiT_SQLSaturday409_MaintenancePlansForBeginners
KoprowskiT_SQLSaturday409_MaintenancePlansForBeginners
 
KoprowskiT_SPBizConf_2AMaDisasterJustBegan
KoprowskiT_SPBizConf_2AMaDisasterJustBeganKoprowskiT_SPBizConf_2AMaDisasterJustBegan
KoprowskiT_SPBizConf_2AMaDisasterJustBegan
 
KoprowskiT_InfoTRAMS_TrustThePrimer
KoprowskiT_InfoTRAMS_TrustThePrimerKoprowskiT_InfoTRAMS_TrustThePrimer
KoprowskiT_InfoTRAMS_TrustThePrimer
 
KoprowskiT_SQLSat419_WADBforBeginners
KoprowskiT_SQLSat419_WADBforBeginnersKoprowskiT_SQLSat419_WADBforBeginners
KoprowskiT_SQLSat419_WADBforBeginners
 
KoprowskiT_ESRM_TrustThePrimer
KoprowskiT_ESRM_TrustThePrimerKoprowskiT_ESRM_TrustThePrimer
KoprowskiT_ESRM_TrustThePrimer
 
KoprowskiT_ECCV_Trust.ThePrimer
KoprowskiT_ECCV_Trust.ThePrimerKoprowskiT_ECCV_Trust.ThePrimer
KoprowskiT_ECCV_Trust.ThePrimer
 
KoprowskiT_SQLRelay2014#9_London_FromPlanToBackupToCloud
KoprowskiT_SQLRelay2014#9_London_FromPlanToBackupToCloudKoprowskiT_SQLRelay2014#9_London_FromPlanToBackupToCloud
KoprowskiT_SQLRelay2014#9_London_FromPlanToBackupToCloud
 
KoprowskiT_SQLRelay2014#6_Leeds_WADBForBeginners
KoprowskiT_SQLRelay2014#6_Leeds_WADBForBeginnersKoprowskiT_SQLRelay2014#6_Leeds_WADBForBeginners
KoprowskiT_SQLRelay2014#6_Leeds_WADBForBeginners
 
KoprowskiT_SQLRelay2014#5_Newcastle_FromPlanToBackupToCloud
KoprowskiT_SQLRelay2014#5_Newcastle_FromPlanToBackupToCloudKoprowskiT_SQLRelay2014#5_Newcastle_FromPlanToBackupToCloud
KoprowskiT_SQLRelay2014#5_Newcastle_FromPlanToBackupToCloud
 
KoprowskiT_SQLRelay2014#4_Caerdydd_MaintenancePlansForBeginners
KoprowskiT_SQLRelay2014#4_Caerdydd_MaintenancePlansForBeginnersKoprowskiT_SQLRelay2014#4_Caerdydd_MaintenancePlansForBeginners
KoprowskiT_SQLRelay2014#4_Caerdydd_MaintenancePlansForBeginners
 

Dernier

[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilV3cube
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024The Digital Insurer
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 

Dernier (20)

[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of Brazil
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 

KoprowskiT_SQLRelayCaerdydd_SQLSecurityInTheClouds

Categorizing Security - part 1 {IT REALM}
• Application security | http://bit.ly/18u8J6p
• Computing security | http://bit.ly/1ARdRLd
• Data security | http://bit.ly/185wfph
• Information security | http://bit.ly/1ARe0ya
• Network security | http://bit.ly/1C443R8

Categorizing Security - part 2 {PHYSICAL REALM}
• Airport security | http://bit.ly/1LPZcCZ
• Food security | http://bit.ly/1MYnii6
• Home security | http://bit.ly/1Gz3VI1
• Infrastructure security | http://bit.ly/1Bm8LIF
• Physical security | http://bit.ly/1Gz3VI1
• Port security | http://bit.ly/1ARewMH
• Supply chain security | http://bit.ly/1Ex7ob7
• School security | http://bit.ly/17Dl735
• Shopping center security | http://bit.ly/1EUb1FV

Categorizing Security - part 3 {POLITICAL REALM}
• Homeland security | http://bit.ly/1AAwZhE
• Human security | http://bit.ly/1DhojtU
• International security | http://bit.ly/1MYoyli
• National security | http://bit.ly/1FEnldu
• Public security | http://bit.ly/1wqpX9P

Categorizing Security - part 4 {SQL SERVER REALM}
• Application security
• Computing security
• Data security
• Information security
• Network security
• Home security
• Infrastructure security
• Physical security
• National security
• Public security
  • 13. 2 | SQL Server Security Best Practices
• 14. SQL Server Security Best Practices
  • Efficiency and security have an inverse relationship to one another.
  • You can have high efficiency or high security, but not both.
  Example: a `Small Bank Company` tends to favor efficiency over security:
  • Cost limitations. This is the first and obvious reason. Community banks are fighting a constant battle to remain competitive. Implementing security in systems adds costs - there is no way around it.
  • Risk. It's not always a conscious decision for a bank to improve efficiency by sacrificing security. Sometimes there's a lack of understanding of the risks associated with the systems we deploy.
  • Personnel limitations. The many-hats syndrome runs rampant in smaller community banks.
  • Regulatory emphasis. The current regulatory environment stresses controls as they relate to policy and procedures.
• 15. authentication
  • SQL Server supports:
    • Windows Authentication Mode, which supports
      • Kerberos
      • NTLM (Windows NT LAN Manager)
    • Mixed Mode Authentication, which supports
      • Windows accounts
      • SQL Server specific accounts
  SECURITY BEST PRACTICES
  Best Practice: use Windows Authentication mode unless a legacy application requires Mixed Mode Authentication for backward compatibility
• 16. secure sysadmin account
  • the sysadmin account (sa) is the most vulnerable account when it's not changed
  • potential SQL Server attackers and hackers are aware of this
  SECURITY BEST PRACTICES
  Best Practice: change the name of the sysadmin account after installation: SSMS > Object Explorer > Logins > Rename (right click) / T-SQL
• 17. use complex password
  SECURITY BEST PRACTICES
  Best Practice: ensure that complex passwords are used for sa and other SQL-Server-specific logins. Think about ENFORCE EXPIRATION & MUST_CHANGE for any new SQL login
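The three practices above (Windows Authentication, a renamed sa, and policy-checked passwords) can be applied and verified from T-SQL. This is an added example written for this page, not code from the slides or the speaker; the new sa name, the login [svc_reporting] and its password are assumptions. Note that renaming sa does not change its SID (0x01), which is why the script also disables it and the audit query looks for that SID rather than the name.

```sql
USE master;
GO

-- 1 = Windows Authentication only, 0 = Mixed Mode (SERVERPROPERTY is read-only;
-- the mode itself is switched in SSMS > Server Properties > Security)
SELECT SERVERPROPERTY('IsIntegratedSecurityOnly') AS windows_auth_only;
GO

-- Rename the built-in sa login (assumed new name) and disable it as well,
-- because the SID 0x01 still identifies it as the sa login after the rename
ALTER LOGIN sa WITH NAME = [srvadmin_renamed];
ALTER LOGIN [srvadmin_renamed] DISABLE;
GO

-- New SQL-specific login (assumed name/password): Windows password policy
-- and expiration enforced, password must be changed at first logon.
-- MUST_CHANGE is only accepted together with CHECK_EXPIRATION = ON and CHECK_POLICY = ON.
CREATE LOGIN [svc_reporting]
    WITH PASSWORD = 'Change-Me-On-First-Login!2015' MUST_CHANGE,
         CHECK_POLICY = ON,
         CHECK_EXPIRATION = ON;
GO

-- Audit: SQL logins that bypass the policy or expiration checks,
-- plus whichever login still carries the built-in sa SID
SELECT name,
       is_policy_checked,
       is_expiration_checked,
       is_disabled,
       CASE WHEN sid = 0x01 THEN 'built-in sa (check it is renamed and disabled)' ELSE '' END AS note
FROM sys.sql_logins
WHERE is_policy_checked = 0
   OR is_expiration_checked = 0
   OR sid = 0x01;
```

The last query is the part worth scheduling: a login created with CHECK_POLICY = OFF never shows up in SSMS as different from a compliant one, but it is visible in sys.sql_logins.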
• 18. use specific logins
  Best Practice: use different accounts for different SQL-Server-oriented services
  Component                                | Windows Server 2008 | Windows 7 and Windows Server 2008 R2 and higher | Recommended accounts
  Database Engine                          | NETWORK SERVICE     | Virtual Account *                              | SQL_Engine
  SQL Server Agent                         | NETWORK SERVICE     | Virtual Account *                              | SQL_Agent
  SSAS                                     | NETWORK SERVICE     | Virtual Account *                              | SQL_srvAS
  SSIS                                     | NETWORK SERVICE     | Virtual Account *                              | SQL_srvIS
  SSRS                                     | NETWORK SERVICE     | Virtual Account *                              | SQL_srvRS
  SQL Server Distributed Replay Controller | NETWORK SERVICE     | Virtual Account *                              | SQL_DRContro
  SQL Server Distributed Replay Client     | NETWORK SERVICE     | Virtual Account *                              | SQL_DRReplay
  FD Launcher (Full-text Search)           | LOCAL SERVICE       | Virtual Account                                |
  SQL Server Browser                       | LOCAL SERVICE       | LOCAL SERVICE                                  |
  SQL Server VSS Writer                    | LOCAL SYSTEM        | LOCAL SYSTEM                                   |
  SECURITY BEST PRACTICES
• 19. sysadmin membership
  • members of the sysadmin fixed server role can do whatever they want on SQL Server
  • by default the sysadmin fixed server role has the CONTROL SERVER permission granted explicitly
  • do not explicitly grant CONTROL SERVER to Windows logins, Windows group logins or SQL logins
  SECURITY BEST PRACTICES
  Best Practice: carefully choose the membership of the sysadmin fixed server role
• 20. general administration
  • everything (almost always) works under the sa account, especially with the CONTROL SERVER permission
  • institute dedicated Windows logins for DBAs, and assign these logins sysadmin rights on SQL Server for administration purposes
  SECURITY BEST PRACTICES
  Best Practice: use the built-in fixed server roles and database roles or create your own custom roles, then apply them to specific logins
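Slides 19 and 20 ask for two things: know who holds sysadmin or an explicit CONTROL SERVER grant, and give DBAs a role instead of sa. The script below is an added example for this page (not the speaker's code); the role name [dba_operations] and the Windows group [CONTOSO\dba_team] are assumptions. User-defined server roles require SQL Server 2012 or later.

```sql
USE master;
GO

-- Who is a member of sysadmin (and is the member disabled or not)?
SELECT r.name AS server_role,
       m.name AS member,
       m.type_desc,
       m.is_disabled
FROM sys.server_role_members rm
JOIN sys.server_principals r ON r.principal_id = rm.role_principal_id
JOIN sys.server_principals m ON m.principal_id = rm.member_principal_id
WHERE r.name = 'sysadmin';

-- Explicit CONTROL SERVER grants: anything here other than the sysadmin role
-- itself is a login that is effectively sysadmin without being listed as one
SELECT p.name AS grantee,
       p.type_desc,
       perm.permission_name,
       perm.state_desc
FROM sys.server_permissions perm
JOIN sys.server_principals p ON p.principal_id = perm.grantee_principal_id
WHERE perm.permission_name = 'CONTROL SERVER';
GO

-- Least-privilege alternative for day-to-day DBA work: a custom server role
-- with only the server-level permissions the team actually uses (assumed set)
CREATE SERVER ROLE [dba_operations];
GRANT VIEW SERVER STATE, VIEW ANY DEFINITION, ALTER ANY DATABASE TO [dba_operations];
GO

-- Dedicated Windows group for the DBAs (assumed name), mapped to the role
CREATE LOGIN [CONTOSO\dba_team] FROM WINDOWS;
ALTER SERVER ROLE [dba_operations] ADD MEMBER [CONTOSO\dba_team];
GO
```

Run the two SELECTs on a schedule and diff the output: a new row in either result is exactly the kind of change the "carefully choose the membership" advice is about.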
• 21. revoke guest access
  • by default a guest account exists in every user and system database
  • it is a potential security risk in a locked-down environment
  • those accounts could be targets for attackers
  • assign public server role membership if you need explicit access to user databases
  SECURITY BEST PRACTICES
  Best Practice: disable all guest user access in all user and system databases (excluding the msdb database)
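An added example (not from the slides) that locates every online database where guest still has CONNECT and then revokes it in one user database. The database name [SalesDB] is an assumption. One caveat a practitioner needs: guest cannot be revoked in master, tempdb or msdb, because SQL Server itself relies on it there, so the loop only reports those and the REVOKE is issued against user databases.

```sql
-- Collect the guest CONNECT state from every online database
SET NOCOUNT ON;
CREATE TABLE #guest_access (db sysname, state_desc nvarchar(60));

DECLARE @db  sysname,
        @sql nvarchar(max);

DECLARE db_cur CURSOR LOCAL FAST_FORWARD FOR
    SELECT name FROM sys.databases WHERE state_desc = 'ONLINE';

OPEN db_cur;
FETCH NEXT FROM db_cur INTO @db;
WHILE @@FETCH_STATUS = 0
BEGIN
    -- QUOTENAME protects the dynamic USE against odd database names
    SET @sql = N'USE ' + QUOTENAME(@db) + N';
        INSERT #guest_access (db, state_desc)
        SELECT DB_NAME(), p.state_desc
        FROM sys.database_permissions p
        JOIN sys.database_principals u ON u.principal_id = p.grantee_principal_id
        WHERE u.name = N''guest''
          AND p.permission_name = N''CONNECT''
          AND p.state = N''G'';';
    EXEC sp_executesql @sql;
    FETCH NEXT FROM db_cur INTO @db;
END
CLOSE db_cur;
DEALLOCATE db_cur;

-- Report: user databases listed here still allow guest in
SELECT db, state_desc,
       CASE WHEN db IN ('master', 'tempdb', 'msdb')
            THEN 'system database - guest must stay enabled'
            ELSE 'user database - revoke CONNECT from guest' END AS action
FROM #guest_access
ORDER BY db;

-- Revoke in a user database (assumed name); repeat per database reported above
USE [SalesDB];
REVOKE CONNECT FROM guest;
```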
• 22. limit public permission
  • SQL Server has many stored procedures, and many of them have public access permission:
    • OLE AUTOMATION: sp_OACreate, sp_OAGetProperty, sp_OAStop, sp_OAMethod, sp_OAGetErrorInfo, sp_OADestroy, sp_OASetProperty
    • REGISTRY ACCESS: xp_regremovemultistring, xp_regaddmultistring, xp_regread, xp_regdeletekey, xp_regdeletevalue, xp_regwrite
    • OTHER ROUTINES: sp_sdidebug, xp_logevent, sp_sprintf, xp_dsninfo, xp_msver, sp_sscanf, xp_stopmail, xp_grantlogin, xp_eventlog, xp_dirtree
  SECURITY BEST PRACTICES
  Best Practice: revoke public role access for some extended procedures and check the other stored procedures
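Rather than checking the procedures one by one, the EXECUTE grants that public holds on extended and OLE Automation procedures can be listed from the catalog in master. The block is an added example for this page (not the speaker's code); which procedures to revoke depends on the applications, so the three REVOKE statements are only illustrations, and the sp_configure step at the end is the complementary control of keeping the OLE Automation feature itself switched off.

```sql
USE master;
GO

-- EXECUTE permissions held by public on extended stored procedures (type X)
-- and on the sp_OA* OLE Automation procedures
SELECT o.name            AS procedure_name,
       o.type_desc,
       perm.permission_name,
       perm.state_desc
FROM sys.database_permissions perm
JOIN sys.database_principals g ON g.principal_id = perm.grantee_principal_id
JOIN sys.all_objects        o ON o.object_id    = perm.major_id
WHERE perm.class = 1                       -- OBJECT_OR_COLUMN
  AND g.name = 'public'
  AND perm.permission_name = 'EXECUTE'
  AND (o.type = 'X' OR o.name LIKE 'sp[_]OA%')
ORDER BY o.name;
GO

-- Revoke the grants the applications on this instance do not need (illustrative picks
-- from the slide's list; verify against the application inventory first)
REVOKE EXECUTE ON xp_dirtree FROM public;
REVOKE EXECUTE ON xp_regread FROM public;
REVOKE EXECUTE ON sp_OACreate FROM public;
GO

-- Keep the OLE Automation feature disabled unless a workload requires it
EXEC sp_configure 'show advanced options', 1;
RECONFIGURE;
EXEC sp_configure 'Ole Automation Procedures', 0;
RECONFIGURE;
GO
```

Re-run the first query after the revokes: a procedure that disappears from the list is no longer reachable by every login through public, which is what "limit public permission" is meant to achieve.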
• 23. hardening sql server ports
  • the default SQL Server ports 1433/1434 are well known as a standard target for attackers
  • by using SQL Server Configuration Manager you:
    • can change the default port
    • can use a specific TCP port instead of a dynamic one
  • remember the related TCP/UDP ports (1433, 1434)
  SECURITY BEST PRACTICES
  Best Practice: change the default SQL Server port if it's possible
• 24. disable sql server browser
  • by default SQL Server Browser is disabled
  • it's necessary to run it when multiple instances are running on a single server
  • any Windows user having the following rights would be capable of running the SQL Server Browser service:
    • deny access to this computer from the network / deny logon locally / deny logon as a batch job
    • deny logon through Terminal Services / log on as a service / read and write the SQL Server registry keys related to network communication (ports and pipes)
  SECURITY BEST PRACTICES
  Best Practice: change the default SQL Server port if it's possible
• 25. secure service accounts
  • different service accounts for different services
  • dedicated low-privilege domain accounts
  • check membership on a regular basis
  • use strong and different passwords for each account
  SECURITY BEST PRACTICES
  Best Practice: create a good plan and keep a record of service accounts and passwords
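Slides 23 to 25 are configured in SQL Server Configuration Manager, but the resulting state can be verified from inside the instance, which is how a periodic check is usually scripted. The query below is an added example for this page (not the speaker's code). sys.dm_server_services is available from SQL Server 2008 R2 SP1 and sys.dm_tcp_listener_states from SQL Server 2012; the Browser service is not covered by sys.dm_server_services, so its state is still checked at the Windows service level.

```sql
-- Which Windows account runs each SQL Server service on this instance,
-- and whether it is a built-in/virtual account or a dedicated one
SELECT servicename,
       service_account,
       startup_type_desc,
       status_desc,
       CASE WHEN service_account = 'LocalSystem'
              OR service_account LIKE 'NT AUTHORITY\%'   -- NETWORK SERVICE / LOCAL SERVICE
              OR service_account LIKE 'NT Service\%'     -- virtual account
            THEN 'built-in or virtual account'
            ELSE 'dedicated domain/local account' END AS account_kind
FROM sys.dm_server_services;

-- Which TCP ports the Database Engine is listening on; the default 1433
-- and the DAC (type_desc = DAC) are flagged so the report is self-explanatory
SELECT ip_address,
       port,
       type_desc,
       state_desc,
       CASE WHEN port = 1433 THEN 'default port still in use' ELSE '' END AS note
FROM sys.dm_tcp_listener_states
ORDER BY port, ip_address;
```

A service row showing 'built-in or virtual account' for the Database Engine and the Agent together is the pattern the "different accounts for different services" bullet wants to eliminate; a listener row on 1433 is the one the previous slide wants changed.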
• 27. 3 | SQL Server 2014 Security Enhancements
• 28. transparent data encryption
  • first introduced with SQL Server 2008
  • protects data by performing I/O encryption and decryption for database and log files
  • passphrase (less secure), asymmetric key (strong protection, poor performance), symmetric key (good performance, strong enough protection), certificate (strong protection, good performance)
  • New functionality for backup:
    • takes non-encrypted backup data
    • encrypts the data before writing it to disk
    • compression is performed on the backup data first
    • then encryption is applied to the compressed data
    • support for backup to Azure
  SQL14 SECURITY ENHANCEMENTS
• 29. encryption key management
  • Encryption options include:
    • encryption algorithm
    • certificate or asymmetric key
    • only asymmetric keys residing in EKM are supported
    • multiple algorithms up to AES-256 are supported
    • manageable by PowerShell, SMO, SSMS, T-SQL
  • VERY IMPORTANT:
    • the asymmetric key or certificate MUST be backed up
    • its location MUST be different than the backup location
    • there is no RESTORE without the asymmetric key or certificate
  SQL14 SECURITY ENHANCEMENTS
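Slides 28 and 29 describe the two encryption paths and the rule that the protecting certificate must be backed up elsewhere. The following T-SQL is an added example for this page (not the speaker's code) that walks through both: an encrypted, compressed backup and TDE on the same database, with the certificate exported to a separate key-vault path before either is used. Database name, file paths and passwords are assumptions.

```sql
USE master;
GO

-- Database master key protects the certificates' private keys (assumed password)
CREATE MASTER KEY ENCRYPTION BY PASSWORD = 'Dmk-Pa55word!Strong';
GO

-- Separate certificates for backup encryption and for TDE
CREATE CERTIFICATE BackupEncryptCert WITH SUBJECT = 'Backup encryption protector';
CREATE CERTIFICATE TdeProtectorCert  WITH SUBJECT = 'TDE protector';
GO

-- Back up BOTH certificates with private keys to a location that is NOT the
-- backup share (assumed path); without these files the backup and the TDE
-- database cannot be restored anywhere else
BACKUP CERTIFICATE BackupEncryptCert
    TO FILE = 'D:\KeyVault\BackupEncryptCert.cer'
    WITH PRIVATE KEY (FILE = 'D:\KeyVault\BackupEncryptCert.pvk',
                      ENCRYPTION BY PASSWORD = 'Pvk-Backup-Pa55word!');
BACKUP CERTIFICATE TdeProtectorCert
    TO FILE = 'D:\KeyVault\TdeProtectorCert.cer'
    WITH PRIVATE KEY (FILE = 'D:\KeyVault\TdeProtectorCert.pvk',
                      ENCRYPTION BY PASSWORD = 'Pvk-Tde-Pa55word!');
GO

-- Encrypted backup: the engine compresses first, then encrypts with AES-256
BACKUP DATABASE [SalesDB]
    TO DISK = 'E:\Backups\SalesDB_enc.bak'
    WITH COMPRESSION,
         ENCRYPTION (ALGORITHM = AES_256, SERVER CERTIFICATE = BackupEncryptCert);
GO

-- TDE: data and log files encrypted at rest with a DEK protected by the certificate
USE [SalesDB];
GO
CREATE DATABASE ENCRYPTION KEY
    WITH ALGORITHM = AES_256
    ENCRYPTION BY SERVER CERTIFICATE TdeProtectorCert;
ALTER DATABASE [SalesDB] SET ENCRYPTION ON;
GO

-- Verification: TDE state (3 = encrypted) and which certificate protects the backup
SELECT DB_NAME(database_id) AS db, encryption_state, key_algorithm, key_length
FROM sys.dm_database_encryption_keys;

RESTORE HEADERONLY FROM DISK = 'E:\Backups\SalesDB_enc.bak';   -- KeyAlgorithm, EncryptorThumbprint
```

The RESTORE HEADERONLY thumbprint is the value to compare against the certificate in the key vault before a disaster-recovery drill; if they do not match, the "no RESTORE without the certificate" bullet becomes a real outage.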
• 30. connect any database
  • new server-level permission
  • grant CONNECT ANY DATABASE to a login that must connect to all databases that currently exist and any new ones in the future
  • does not grant any permission in any database beyond connect
  • to allow an auditing process to view all data or all database states, CONNECT ANY DATABASE may be combined with:
    • SELECT ALL USER SECURABLES
    • VIEW SERVER STATE
  SQL14 SECURITY ENHANCEMENTS
• 31. impersonate any login
  • new server-level permission
  • when granted, IMPERSONATE ANY LOGIN allows a middle-tier process to impersonate the account of clients connecting to it
  • when denied, IMPERSONATE ANY LOGIN blocks a highly privileged login from impersonating other logins
  • example: a login with the CONTROL SERVER permission can be blocked from impersonating other logins
  SQL14 SECURITY ENHANCEMENTS
• 32. select all user securables
  • new server-level permission
  • when granted SELECT ALL USER SECURABLES, a login (for example for auditing purposes) can view data in all databases that the user can connect to
  SQL14 SECURITY ENHANCEMENTS
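The three SQL Server 2014 permissions from slides 30 to 32, put together in the way the slides describe: a read-only auditing login, a middle-tier login that may impersonate, and a DENY that fences a high-privilege login. This is an added example for this page, not the speaker's code; all login names and the password are assumptions. One caveat the slides do not spell out: a DENY never applies to members of the sysadmin fixed server role, so the fence works for a login that holds CONTROL SERVER but not for one that is in sysadmin.

```sql
USE master;
GO

-- Auditing login (assumed Windows account): can reach every database, present and future,
-- read all user data there, and see server state, but cannot modify anything
CREATE LOGIN [CONTOSO\audit_reader] FROM WINDOWS;
GRANT CONNECT ANY DATABASE      TO [CONTOSO\audit_reader];
GRANT SELECT ALL USER SECURABLES TO [CONTOSO\audit_reader];
GRANT VIEW SERVER STATE         TO [CONTOSO\audit_reader];
GO

-- Middle-tier service login (assumed) that must run work as its callers
CREATE LOGIN [svc_middletier] WITH PASSWORD = 'MidTier-Pa55word!Strong', CHECK_POLICY = ON;
GRANT IMPERSONATE ANY LOGIN TO [svc_middletier];
GO

-- Fence a powerful login (assumed): even with CONTROL SERVER it may not impersonate others
CREATE LOGIN [CONTOSO\ops_admin] FROM WINDOWS;
GRANT CONTROL SERVER TO [CONTOSO\ops_admin];
DENY  IMPERSONATE ANY LOGIN TO [CONTOSO\ops_admin];
GO

-- Verify the auditor's effective server-level permissions by running as that login
EXECUTE AS LOGIN = 'CONTOSO\audit_reader';
SELECT permission_name
FROM fn_my_permissions(NULL, 'SERVER')
WHERE permission_name IN ('CONNECT ANY DATABASE', 'SELECT ALL USER SECURABLES', 'VIEW SERVER STATE');
REVERT;
GO

-- Verify the fence: the impersonation attempt by ops_admin must fail with a permission error
EXECUTE AS LOGIN = 'CONTOSO\ops_admin';
BEGIN TRY
    EXECUTE AS LOGIN = 'svc_middletier';
    REVERT;
END TRY
BEGIN CATCH
    SELECT ERROR_NUMBER() AS error_number, ERROR_MESSAGE() AS error_message;
END CATCH;
REVERT;
GO
```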
• 33. SQL Server Express Security
  • by default:
    • instance name: SQLExpress
    • networking protocol: disabled
    • sql server browser: disabled
  • user (local) instances:
    • separated instance generated from the parent instance
    • sysadmin privileges on SQL Express on the local machine
    • runs as a user process, not as a service process
    • only Windows logins are supported
    • RANU instance (run as normal user)
  • 35. 4 | SQL Server Security In The Cloud
• 36. Cloud Security
  Microsoft Cloud Security Approach in a Nutshell
  • Principles, patterns, and practices
  • Security engineering
  • Threats and countermeasures
  • Secure the network, host, and application
  • Application scenarios and solutions
  • Security frame
  • People, process, and technology
  • Application, infrastructure, and business
  http://bit.ly/1zmeYi2
• 37. Security Model
  • uses the regular SQL security model
    • authenticate logins, map to users and roles
    • authorize users and roles to SQL objects
  • support for standard SQL auth logins
    • username + password
    • {admin, administrator, guest, root, sa}
  Security model is 100% compatible with on-premise SQL
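The login > user > role chain the slide refers to, shown for Azure SQL Database as an added example for this page (not the speaker's code); login, user and role names and the passwords are assumptions. Two practical details: the CREATE LOGIN runs in the logical server's master database and the CREATE USER in the user database on a separate connection, because USE is not supported there, and a contained user with its own password needs no server login at all.

```sql
-- Connection 1: master database of the Azure SQL logical server
-- Standard SQL auth login (assumed name/password)
CREATE LOGIN [app_reader] WITH PASSWORD = 'Reader-Pa55word!Strong';

-- Connection 2: the user database
-- Map the login to a database user and authorize it through a fixed database role
CREATE USER [app_reader] FOR LOGIN [app_reader];
ALTER ROLE db_datareader ADD MEMBER [app_reader];

-- Contained database user (no login in master): the database carries its own
-- credentials, which is the pattern that survives a geo-failover or a copy
CREATE USER [app_writer] WITH PASSWORD = 'Writer-Pa55word!Strong';
ALTER ROLE db_datareader ADD MEMBER [app_writer];
ALTER ROLE db_datawriter ADD MEMBER [app_writer];

-- Review who is authorized to what in this database (roles are shown per member;
-- a user with no role membership appears with db_role = NULL)
SELECT u.name                    AS db_user,
       u.type_desc,
       u.authentication_type_desc,
       r.name                    AS db_role
FROM sys.database_principals u
LEFT JOIN sys.database_role_members rm ON rm.member_principal_id = u.principal_id
LEFT JOIN sys.database_principals   r  ON r.principal_id = rm.role_principal_id
WHERE u.type IN ('S', 'U', 'E', 'X')                               -- SQL, Windows, external users/groups
  AND u.name NOT IN ('dbo', 'guest', 'INFORMATION_SCHEMA', 'sys')
ORDER BY u.name, r.name;
```

The same statements run unchanged against an on-premises instance, which is the concrete meaning of "100% compatible" on this slide.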
• 38. Security Requirements for Azure Platform
  Microsoft Azure Datacenters
  • North America
    • North-central US - Chicago, IL
    • South-central US - San Antonio, TX
    • West US - California
    • East US - Virginia
  • Asia
    • East Asia - Hong Kong, China
    • South East Asia - Singapore
  • South America
    • Brazil - Sao Paulo
  • Europe
    • North Europe - Dublin, Ireland
    • West Europe - Amsterdam, Netherlands
  • Japan
    • Japan East, the Tokyo area
    • Japan West, the Kansai area
  • Oceania (announced, coming soon)
    • Sydney, New South Wales
    • Melbourne, Victoria
• 39. Security Requirements for Azure Platform
  • As a service provider, Microsoft has an obligation to pass several security rules:
    • ISO 27001/27002 Audit and Certification
    • SOC 1/SSAE 16/ISAE 3402 and SOC 2 Attestations
    • Cloud Security Alliance (CSA) Cloud Controls Matrix (CCM)
    • Payment Card Industry (PCI) Data Security Standards (DSS) Level 1
• 40. Security Requirements for Azure Platform
  They also pass (…) several data security audits:
  • Australian Government Information Security Registered Assessors Program (IRAP)
  • United Kingdom G-Cloud Australian Government IRAP
  • Multi-Tier Cloud Security Standard for Singapore (MTCS SS 584:2013)
  • HIPAA Business Associate Agreement (BAA)
  • EU Model Clauses
  • Food and Drug Administration 21 CFR Part 11
  • Family Educational Rights and Privacy Act (FERPA)
  • Federal Information Processing Standard (FIPS) 140-2
  • Trusted Cloud Service Certification developed by China Cloud Computing Promotion and Policy Forum (CCCPPF)
  • Multi-Level Protection Scheme (MLPS)
• 41. Security Requirements for Azure Platform
  ISO/IEC 27001:2005 Audit and Certification
  ISO Scope: The following Azure features are in scope for the current ISO audit: Cloud Services (including Fabric and RDFE), Storage (Tables, Blobs, Queues), Virtual Machines (including with SQL Server), Virtual Network, Traffic Manager, Web Sites, BizTalk Services, Media Services, Mobile Services, Service Bus, Workflow, Multi-Factor Authentication, Active Directory, Rights Management Service, SQL Database, and HDInsight. This includes the Information Security Management System (ISMS) for Azure, encompassing infrastructure, development, operations, and support for these features. Also included are Power BI for Office 365 and Power Query Service.
  SOC 1 and SOC 2 SSAE 16/ISAE 3402 Attestations
  Scope: The following Azure features are in scope for the current SOC 1 Type 2 and SOC 2 Type 2 attestations: Cloud Services (includes stateless Web and Worker roles), Storage (Tables, Blobs, Queues), Virtual Machines (includes persistent virtual machines for use with supported operating systems) and Virtual Network (includes Traffic Manager).
• 42. Security Requirements for Azure Platform
  And of course requirements for Data Centers:
  • Physical security of the data centers (locks, cameras, biometric devices, card readers, alarms)
  • Firewalls, application gateways and IDS to protect the network
  • Access Control Lists (ACLs) applied to virtual local area networks (VLANs) and applications
  • Authentication and authorization of persons or processes that request access to data
  • Hardening of the servers and operating system instances
  • Redundant internal and external DNS infrastructure with restricted write access
  • Securing of virtual machine objects
  • Securing of static and dynamic storage containers
• 43. SQL Server 2005 {9.0} NON-Compatibility
  • Common Language Runtime (CLR) and CLR User-Defined Types
  • Database Mirroring
  • Service Broker
  • Table Partitioning
  • Typed XML and XML indexing are not supported. The XML data type is supported by SQL Azure.
• 44. SQL Server 2008 {10.0} NON-Compatibility
  • Change Data Capture
  • Data Auditing
  • Data Compression
  • Extended Events
  • External Key Management / Extensible Key Management
  • FILESTREAM Data
  • Integrated Full-Text Search
  • Large User-Defined Aggregates (UDAs)
  • Large User-Defined Types (UDTs)
  • Performance Data Collection (Data Collector)
  • Policy-Based Management
  • Resource Governor
  • SQL Server Replication
  • Transparent Data Encryption
• 45. SQL Server 2008 R2 {10.50} NON-Compatibility
  • SQL Server Utility
  • SQL Server PowerShell Provider
  • Master Data Services
  SQL Server Management Studio does not support Windows Azure SQL Database in versions prior to SQL Server 2008 R2
• 48. SQL Server Security in the Cloud
  • Same security principles as SQL Server on premises
  • Full responsibility for the DBA with a Virtual Machine
  • Partial responsibility for the DBA with Azure SQL Database
  • Automatic updates for Azure SQL Database
  • New functionality implemented by Microsoft
  • Some incompatibilities with T-SQL, functions, stored procedures
  • Increased security by default on the Azure platform
• 49. SQL Server in Cloud: WASD vs VM
  Choose Azure SQL Database, if:
  • You are building brand new, cloud-based applications; or you want to migrate your existing SQL Server database to Azure and your database is not using one of the unsupported functionalities in Azure SQL Database. For more information, see Azure SQL Database Transact-SQL Reference. This approach provides the benefits of a fully managed cloud service and ensures the fast time-to-market.
  • You want to have Microsoft perform common management operations on your databases and require stronger availability SLAs for databases. This approach can minimize the administration costs and at the same time provides a guaranteed availability for the database.
  Choose SQL Server in Azure VM, if:
  • You have existing on-premises applications and wish to stop maintaining your own hardware or you consider hybrid solutions. This approach lets you get access to high database capacity faster and also connects your on-premises applications to the cloud via a secure tunnel.
  • You have existing IT resources, need full administrative rights over SQL Server, and require the full compatibility with on-premises SQL Server (for example, some features do not exist in Azure SQL Database). This approach lets you minimize costs for development or modifications of existing applications with the flexibility to run most applications. In addition, it provides full control on the VM, operating system, and database configuration.
• 51. links
  • ISECOM (the Institute for Security and Open Methodologies)
    • http://www.isecom.org/about-us.html
  • OSSTMM (Open Source Security Testing Methodology Manual)
    • http://www.isecom.org/research/osstmm.html
  • Library of Resources for Industrial Control System Cyber Security
    • https://scadahacker.com/library/index.html
  • patterns & practices: Cloud Security Approach in a Nutshell
    • https://technet.microsoft.com/en-us/ff742848.aspx
  • Microsoft Azure Trust Center: Security
    • http://azure.microsoft.com/en-us/support/trust-center/security/
  • 10 Things to know about Azure Security
    • https://technet.microsoft.com/en-us/cloud/gg663906.aspx
  • Security Best Practice and Label Security Whitepapers
    • http://blogs.msdn.com/b/sqlsecurity/archive/2012/03/07/security-best-practice-and-label-security-whitepapers.aspx
• 52. links
  • Hello Secure World
    • http://www.microsoft.com/click/hellosecureworld/default.mspx
  • SQL Server Label Security Toolkit
    • http://sqlserverlst.codeplex.com/
  SQL Server Best Practices Analyzer
  • Microsoft Baseline Configuration Analyzer 2.0
    • http://www.microsoft.com/en-us/download/details.aspx?id=16475
  • SQL Server 2005 Best Practices Analyzer (August 2008)
    • http://www.microsoft.com/en-us/download/details.aspx?id=23864
  • Microsoft® SQL Server® 2008 R2 Best Practices Analyzer
    • http://www.microsoft.com/en-us/download/details.aspx?id=15289
  • Microsoft® SQL Server® 2012 Best Practices Analyzer
    • http://www.microsoft.com/en-us/download/details.aspx?id=29302
• 53. links
  • Microsoft Security Assessment Tool
    • http://www.microsoft.com/downloads/details.aspx?FamilyID=6D79DF9C-C6D1-4E8F-8000-0BE72B430212&displaylang=en
  • Microsoft Application Verifier
    • http://www.microsoft.com/downloads/details.aspx?FamilyID=bd02c19c-1250-433c-8c1b-2619bd93b3a2&DisplayLang=en
  • Microsoft Threat Analysis & Modelling Tool
    • http://www.microsoft.com/downloads/details.aspx?FamilyID=59888078-9daf-4e96-b7d1-944703479451&DisplayLang=en
  • How To: Protect From SQL Injection in ASP.NET
    • http://msdn2.microsoft.com/en-us/library/ms998271.aspx
  • Securing Your Database Server
    • http://msdn.microsoft.com/en-us/library/aa302434.aspx
  • Threats and Countermeasures
    • http://www.microsoft.com/technet/security/guidance/serversecurity/tcg/tcgch00.mspx
• 54. links
  • Configure Windows Service Accounts and Permissions
    • https://msdn.microsoft.com/en-us/library/ms143504.aspx#Network_Service
  • Select an Account for the SQL Server Agent Service
    • https://msdn.microsoft.com/en-us/library/ms191543.aspx
  • Server Configuration - Service Accounts
    • https://msdn.microsoft.com/en-us/library/cc281953.aspx
• 55. azure resources: security
  • Azure Security: Technical Insights
  • Security Best Practices for Developing Azure Solutions
  • Protecting Data in Azure
  • Azure Network Security
  • Microsoft Antimalware for Azure Cloud Services and Virtual Machines
  • Microsoft Enterprise Cloud Red Teaming
  • Microsoft Azure Security and Audit Log Management
  • Security Management in Microsoft Azure
  • Crypto Services and Data Security in Azure
• 56. azure resources: security & privacy
  • Business Continuity for Azure
  • Understanding Security Account Management in Azure
  • Azure Data Security: Cleansing and Leakage
  • Scenarios and Solutions Using Azure Active Directory Access Control
  • Securing and Authenticating a Service Bus Connection
  • Azure Privacy Overview (PDF)
  • Azure Privacy Statement
  • Law Enforcement Request Report
  • Protecting Data and Privacy in the Cloud
• 57. azure resources: compliance & more
  • Response to Cloud Security Alliance Cloud Controls Matrix (DOC)
  • Azure HIPAA Implementation Guidance (PDF)
  • Azure Customer PCI Guide (PDF)
  • The Microsoft Approach to Cloud Transparency (PDF)
  • Microsoft Trustworthy Computing
  • Operational Security for Online Services Overview (PDF)
  • Data Classification for Cloud Readiness
  • CISO Perspectives on Data Classification (PDF)
  • An Introduction to Designing Reliable Cloud Services (PDF)
  • Deploying Highly Available and Secure Cloud Solutions (PDF)
• 58. azure resources
  RESOURCE | DESCRIPTION
  MSDN: Azure SQL Database / MSDN: SQL Server in Azure Virtual Machines / Azure.com: Azure SQL Database | Links to the library documentation.
  Azure SQL Database and SQL Server -- Performance and Scalability Compared and Contrasted | This article explains performance differences and troubleshooting techniques when using Azure SQL Database and SQL Server running on-premises or in a VM.
  Application Patterns and Development Strategies for SQL Server in Azure Virtual Machines | This article discusses the most common application patterns that apply to SQL Server in Azure VMs and also hybrid scenarios including Azure SQL Database.
  Microsoft Enterprise Library Transient Fault Handling Application Block | This library lets developers make their applications running on Azure SQL Database more resilient by adding robust transient fault handling logic. Transient faults are errors that occur because of some temporary condition such as network connectivity issues or service unavailability. Since Azure SQL Database is a multitenant service, it is important to handle such errors to minimize any application downtime.
• 59. credits
  • Yes, 123456 is the most common password, but here's why that's misleading
    http://arstechnica.com/security/2015/01/yes-123456-is-the-most-common-password-but-heres-why-thats-misleading/
  • CIO's are Listening, Security is Important…
    https://communities.intel.com/community/itpeernetwork/blog/2014/05/20/cio-s-are-listening-security-is-important
• 60. after session
  CONTACT:
  • MAIL: KoprowskiT@windowslive.com
  • SOCIAL MEDIA: facebook, twitter, linkedin, xing
  SLIDES FROM SESSION:
  • SlideShare Profile: http://www.slideshare.net/Anorak
  • SQL Relay Site: http://www.sqlrelay.co.uk
  BLOGS:
  • ITPRO Anorak's Vision: http://itblogs.pl/notbeautifulanymore/ [PL/EN]
  • Volume Licensing Specialities: http://koprowskit.eu/licensing/ [PL]
  • My MVP Blog: http://koprowskit.eu/geek/ [EN/ES/RU/NL/PL]