This document discusses SQL Server security enhancements in SQL Server 2014. It covers three main topics:
1) Transparent Data Encryption allows encrypting database and log files for protection both during operations and when backing up to disk or Azure. Encryption can use passwords, asymmetric keys, or certificates.
2) Encryption Key Management allows managing encryption keys through PowerShell, SMO, SSMS and T-SQL. Asymmetric keys or certificates used for encryption must be properly backed up.
3) A new "CONNECT ANY DATABASE" permission allows logins to connect to all current and future databases without other permissions in those databases. This facilitates auditing processes.
The document discusses SQL Server security in three parts. The first part provides an overview of security concepts and categories security into the IT, physical, and political realms. The second part outlines SQL Server security best practices such as using Windows authentication, securing administrator accounts, and limiting public permissions. The third part covers new security enhancements in SQL Server 2014 like transparent data encryption, encryption key management, and the CONNECT ANY DATABASE permission.
This document discusses best practices for preparing for and responding to a disaster involving critical IT systems like servers and databases. It emphasizes the importance of regular backups, having recovery procedures documented, testing restores, and defining roles and responsibilities of team members. It provides guidance on backup strategies for SQL Server and SharePoint, including using different types of backups, storing backups offline, and setting backup schedules. It also stresses the value of preparation, being ready to restore from backups, and having contact information and credentials documented in advance in case of an emergency.
Windows Azure SQL Database for Beginners (tips & tricks)
The document provides an overview and introduction to Windows Azure SQL Database including:
- Key features such as scalability, availability, data protection, and programmatic DBA functionality.
- Performance levels are described in DTU (database transaction units) with different tiers for Basic, Standard, and Premium databases.
- Limitations are discussed around database sizing, collations, logins/users, and compatibility with on-premises SQL Server features.
• We sleeping well. And our mobile ringing and ringing. Message: DISASTER! In this session (on slides) we are NOT talk about potential disaster (such BCM); we talk about: And what NOW? New version old my old well-known session updated for whole changes which happened in DBA World in last two-three years.
• So, from the ground to the Sky and further - everything for surviving disaster. Which tasks should have been finished BEFORE. Is virtual or physical SQL matter? We talk about systems, databases, peoples, encryption, passwords, certificates and users.
• In this session (on few demos) I'll show which part of our SQL Server Environment are critical and how to be prepared to disaster. In some documents I'll show You how to be BEST prepared.
Our data should be secure. And our environment too. What we can do for maximizing security in a hybrid environment, where SQL Server exist in two forms: premise and cloud. How to organize our job, how to control our data if we use Windows Azure SQL Database - The Cloud Database. physical security, policy-based management, auditing, encryption, federation, access and authorization. All of those subjects will be covered during my session.
Backup? Who cares! Now and Then? We store our data in the cloud. Somewhere in the Cloud. Which Cloud? Who cares! But we are still SQL Server Professionals, so… are we need backup? Should we use newest opportunities or old methods? Are we going a step further or step back? On my session, I will try to find answers for all of those (and more) questions. Demos, cases, and examples from the world of backup. And of course worst practices.
This document discusses SQL Server backup and recovery best practices. It begins with an introduction by Tobiasz Janusz Koprowski on his background and experience. The agenda then outlines parts on introduction to backup options, demonstrations of backup in the cloud and on-premise, and best practices. It covers topics like understanding different cloud service models, security requirements for Azure, and non-compatible features between SQL Server versions and SQL Azure. It also demonstrates connecting to and backing up databases in SQL Azure and on-premise SQL Server.
The document discusses SQL Server security in three parts. The first part provides an overview of security concepts and categories security into the IT, physical, and political realms. The second part outlines SQL Server security best practices such as using Windows authentication, securing administrator accounts, and limiting public permissions. The third part covers new security enhancements in SQL Server 2014 like transparent data encryption, encryption key management, and the CONNECT ANY DATABASE permission.
This document discusses best practices for preparing for and responding to a disaster involving critical IT systems like servers and databases. It emphasizes the importance of regular backups, having recovery procedures documented, testing restores, and defining roles and responsibilities of team members. It provides guidance on backup strategies for SQL Server and SharePoint, including using different types of backups, storing backups offline, and setting backup schedules. It also stresses the value of preparation, being ready to restore from backups, and having contact information and credentials documented in advance in case of an emergency.
Windows Azure SQL Database for Beginners (tips & tricks)
The document provides an overview and introduction to Windows Azure SQL Database including:
- Key features such as scalability, availability, data protection, and programmatic DBA functionality.
- Performance levels are described in DTU (database transaction units) with different tiers for Basic, Standard, and Premium databases.
- Limitations are discussed around database sizing, collations, logins/users, and compatibility with on-premises SQL Server features.
• We sleeping well. And our mobile ringing and ringing. Message: DISASTER! In this session (on slides) we are NOT talk about potential disaster (such BCM); we talk about: And what NOW? New version old my old well-known session updated for whole changes which happened in DBA World in last two-three years.
• So, from the ground to the Sky and further - everything for surviving disaster. Which tasks should have been finished BEFORE. Is virtual or physical SQL matter? We talk about systems, databases, peoples, encryption, passwords, certificates and users.
• In this session (on few demos) I'll show which part of our SQL Server Environment are critical and how to be prepared to disaster. In some documents I'll show You how to be BEST prepared.
Our data should be secure. And our environment too. What we can do for maximizing security in a hybrid environment, where SQL Server exist in two forms: premise and cloud. How to organize our job, how to control our data if we use Windows Azure SQL Database - The Cloud Database. physical security, policy-based management, auditing, encryption, federation, access and authorization. All of those subjects will be covered during my session.
Backup? Who cares! Now and Then? We store our data in the cloud. Somewhere in the Cloud. Which Cloud? Who cares! But we are still SQL Server Professionals, so… are we need backup? Should we use newest opportunities or old methods? Are we going a step further or step back? On my session, I will try to find answers for all of those (and more) questions. Demos, cases, and examples from the world of backup. And of course worst practices.
This document discusses SQL Server backup and recovery best practices. It begins with an introduction by Tobiasz Janusz Koprowski on his background and experience. The agenda then outlines parts on introduction to backup options, demonstrations of backup in the cloud and on-premise, and best practices. It covers topics like understanding different cloud service models, security requirements for Azure, and non-compatible features between SQL Server versions and SQL Azure. It also demonstrates connecting to and backing up databases in SQL Azure and on-premise SQL Server.
On my first session I would to introduce everyone to formerly known SQL Azure (actually Windows Azure SQL Database). Under Tips and Trick session I will show which points, features, compatibility and non-compatibility for SQL Azure are important for DBA's. I will cover functionalities, performance, cost, and sla and security aspects.
After break I will show how we can work with our data in the Cloud using SQL Azure, Blob Storage, what functionality of backup, restore, encryption and availability are available for us, how we can implement hybrid environment and when an why it is (or not) good practice.
And finally I hope we will find few minutes for discussion about Future of the DBA (not only in AD 2016)
Introduction to SQL Server Analysis services 2008Tobias Koprowski
This is my presentation from 17th Polish SQL server User Group Meeting in Wroclaw. It\'s first part of Quadrology Bussiness Intelligence for ITPros Cycle.
This document provides an overview and agenda for a presentation on Windows Azure SQL Database for beginners. The presentation will cover topics in three parts: features and functionality of SQL Database in Azure in the first part, demonstrations of the Azure portal and management tools in the second part, and a discussion on the future of database administration in the third part. Additional links and a question/answer session will be provided in an appendix.
Microsoft released SQL Azure more than two years ago - that's enough time for testing (I hope!). So, are you ready to move your data to the Cloud? If you’re considering a business (i.e. a production environment) in the Cloud, you need to think about methods for backing up your data, a backup plan for your data and, eventually, restoring with Red Gate Cloud Services (and not only). In this session, you’ll see the differences, functionality, restrictions, and opportunities in SQL Azure and On-Premise SQL Server 2008/2008 R2/2012. We’ll consider topics such as how to be prepared for backup and restore, and which parts of a cloud environment are most important: keys, triggers, indexes, prices, security, service level agreements, etc.
This presentation is based on a real life experience migrating Oracle E-Business Suite production to AWS.
We will talk about:
- Certification basics. Overview on supported configurations.
- How to build. Recommendations based on migration and 2 year production runtime experience.
- Advanced configurations.
- R12.2.
- Microsoft Azure and Oracle Cloud review. Quick comparison outline of main alternative platforms. How ready is Oracle's own cloud service.
- Scaling.
This is a very client demanding topic. Many are looking into cloud migration options and how they can optimize the cost compared to the on-premise hosting, and many misunderstand the complexity of Oracle EBS stack being capable for cloud deployment.
Password Policies in Oracle Access Manager. How to improve user authenticatio...Andrejs Prokopjevs
This presentation is about how System Administrators and/or Oracle Apps DBAs can improve and meet user authentication security standards in Oracle E-Business Suite by using Oracle Access Manager integration and it's password policy management.
We will talk about:
- Current Oracle E-Business Suite password security limitations.
- Implementation of password policy management in Oracle Access Manager releases. Comparing the capabilities and why you should upgrade your OAM to the latest 11gR2.
- A use case example of most common configuration.
- Demo.
This document summarizes Tobiasz Janusz Koprowski's presentation on Windows Azure SQL Database. It discusses planning considerations when migrating a SQL Server database to SQL Database, including database sizes and performance tiers, compatibility with SQL Server features, and security requirements. It also provides an overview of SQL Database backup, restore, and synchronization capabilities.
KoprowskiT - SQLBITS X - 2am a disaster just beganTobias Koprowski
A document outlines best practices for surviving a disaster involving SQL Server infrastructure. It recommends being well prepared with regular backups stored offsite, documented restore procedures, clear roles and responsibilities, and service level agreements defining acceptable downtimes. Key aspects of preparation include backups, restore testing, documentation, contact lists, hardware and software inventory, passwords, encryption keys, defined teams, and keeping management informed. The overall message is that with proper planning, a disaster can be survived by following the best practice of being prepared.
SQLSaturday is a training event for SQL Server professionals and those wanting to learn about SQL Server. This event will be held Jun 13 2015 at Hochschule Bonn-Rhein-Sieg, Grantham-Allee 20, St. Augustin, Rheinland, 53757, Germany. Admittance to this event is free, all costs are covered by donations and sponsorships. Please register soon as seating is limited, and let friends and colleagues know about the event.
###
Maintenance Plans for Beginners (but not only) | Each of experienced administrators used (to some extent) what is called Maintenance Plans - Plans of Conservation. During this session, I'd like to discuss what can be useful for us to provide functionality when we use them and what to look out for. Session at 200 times the forward-300, with the opening of the discussion.
SQL Server Source Control for Beginners is a presentation about using source control for SQL Server databases. It discusses:
- Common source control systems like SVN, TFS, and Mercurial that can be used to track database changes.
- How RedGate SQL Source Control allows committing database objects and changes directly from SQL Server Management Studio.
- Key features like rolling back changes, maintaining referential integrity, and locking objects while working.
- Demonstrates setting up a database in source control and committing changes.
- Additional tools that can deploy databases directly from source control like SQL Compare and SQL Data Compare.
The document discusses best practices for preparing for and surviving a disaster involving IT systems. It emphasizes the importance of being prepared through thorough backup and recovery procedures. Key aspects of preparation include having documented procedures for backup and restore of SQL and SharePoint environments, understanding roles and responsibilities, maintaining service level agreements, keeping an encrypted envelope of credentials, and ensuring necessary hardware, software, and support contracts are accounted for. The overall message is that with proper planning through documented policies and procedures, the impact of a disaster can be minimized.
Microsoft released SQL Azure more than two years ago - that's enough time for testing (I hope!). So, are you ready to move your data to the Cloud? If you’re considering a business (i.e. a production environment) in the Cloud, you need to think about methods for backing up your data, a backup plan for your data and, eventually, restoring with Red Gate Cloud Services. In this session, you’ll see the differences, functionality, restrictions, and opportunities in SQL Azure and On-Premise SQL Server 2008/2008 R2/2012. We’ll consider topics such as how to be prepared for backup and restore, and which parts of a cloud environment are most important: keys, triggers, indexes, prices, security, service level agreements, etc.
The document discusses best practices for preparing for and responding to a disaster involving IT systems. It emphasizes the importance of having backups, restoration procedures, clearly defined roles and responsibilities, service level agreements, and all necessary information and equipment required to recover systems. Specific recommendations include developing backup policies, regularly testing restores, maintaining a separate test environment, and ensuring management understands estimated recovery times. The document stresses the importance of preparation and having the right people, processes, and documentation in place to minimize downtime from an outage or disaster.
Running Oracle EBS in the cloud (OAUG Collaborate 18 edition)Andrejs Prokopjevs
This presentation is based on a real-life experience migrating Oracle E-Business Suite R12.1 production to Amazon AWS, and additional proof-of-concept effort done getting various client systems upgraded to R12.2 and migrated to main cloud vendor platforms on the market. We are going to cover here various areas, like:
- Certification basics. Overview look into supported configurations.
- How to architect. Basic recommendations based on migration and 2+ year production runtime experience. We will mainly cover Amazon AWS use case.
- Advanced configurations outline.
- R12.2 and features / nuances coming with it.
- Microsoft Azure and Oracle Cloud review. Quick comparison outline of main alternative platforms.
- Cloud deployment automation and the most common scenario - auto-scaling.
This is a very client demanding topic and many are looking into cloud migration options and how they can optimize the cost comparing to the on-premise hardware hosting. And many are still misunderstanding the complexity of Oracle EBS stack being capable for cloud deployment.
This document discusses various tools from ApexSQL that are available for free. It provides descriptions of ApexSQL Complete, an add-in that improves SQL coding productivity in Visual Studio and SSMS, ApexSQL Refactor for formatting and refactoring SQL code, and ApexSQL Search for finding SQL objects. It also gives an overview of ApexSQL's licensing and demos some of the tools.
Microsoft Azure zmienia się. Jego częśc poświęcona bazie danych (Windows Azure SQL Database) zmienia się jeszcze szybciej. Podczas tej sesji chciałbym pokazac tym, którzy nie widzieli, oraz przypomniec tym, którzy już coś wiedzą - o co chodzi z WASD, jakie zmiany nastapiły i czego możemy po tej bazie oczekiwać. Dla odważnych będzie okazja podłączenia się do konta w chmurze i przetestowania ych rozwiązań samemu.
The document provides an introduction to SQL Azure, Microsoft's relational database service. It discusses how SQL Azure leverages existing SQL Server skills and tools while providing new cloud capabilities. Key points include SQL Azure being highly scaled and secure, providing a database as a service, and targeting scenarios such as departmental apps, web apps, and ISVs that need simple deployment and self-management. Architecturally, SQL Azure uses a shared infrastructure with scalable high availability technology.
This document provides an introduction to MySQL including its history and major milestones. It discusses MySQL's role in the LAMP stack and its popularity as the world's most widely used open source database. It also summarizes MySQL's various storage engines, architectures, and recent releases. The document concludes with a discussion of MySQL's future focus and available high availability solutions.
Tobiasz Janusz Koprowski presented a beginner's guide to tips and tricks for using Windows Azure SQL Database. The presentation covered key Azure SQL Database concepts like database tiers, performance levels measured in Database Transaction Units (DTUs), data migration options, and compatibility with on-premises SQL Server versions. It provided an overview of supported and non-supported features between SQL Azure and different SQL Server versions. The presentation aimed to help attendees understand how to plan, configure and manage databases in the Azure SQL Database platform.
The document provides an overview of Oracle's Virtual Compute Appliance (VCA). Key points:
- The VCA is an engineered system for quickly deploying Oracle VM environments using pre-configured hardware and software.
- It automates the configuration of servers, storage, networking, and Oracle VM software for simplified management.
- Templates can be used to rapidly deploy full application stacks on the VCA in as little as 1-2 hours from power-on.
Wysoka Dostępność SQL Server 2008 w kontekscie umów SLATobias Koprowski
To druga prezentacja w cztero-częściowym cyklu omawiającym znaczenie wysokiej dostepności w kontekście umów SLA. Prezentacje przeznaczone są dla odbiorców z kręgu ITPro, a publikowane na zywo na portalu VirtualStudy.pl
***
This is second part of my four-parts cycle about Service Level Agreement for ITPros. It a session for Virtualstudy.pl education portal.
On my first session I would to introduce everyone to formerly known SQL Azure (actually Windows Azure SQL Database). Under Tips and Trick session I will show which points, features, compatibility and non-compatibility for SQL Azure are important for DBA's. I will cover functionalities, performance, cost, and sla and security aspects.
After break I will show how we can work with our data in the Cloud using SQL Azure, Blob Storage, what functionality of backup, restore, encryption and availability are available for us, how we can implement hybrid environment and when an why it is (or not) good practice.
And finally I hope we will find few minutes for discussion about Future of the DBA (not only in AD 2016)
Introduction to SQL Server Analysis services 2008Tobias Koprowski
This is my presentation from 17th Polish SQL server User Group Meeting in Wroclaw. It\'s first part of Quadrology Bussiness Intelligence for ITPros Cycle.
This document provides an overview and agenda for a presentation on Windows Azure SQL Database for beginners. The presentation will cover topics in three parts: features and functionality of SQL Database in Azure in the first part, demonstrations of the Azure portal and management tools in the second part, and a discussion on the future of database administration in the third part. Additional links and a question/answer session will be provided in an appendix.
Microsoft released SQL Azure more than two years ago - that's enough time for testing (I hope!). So, are you ready to move your data to the Cloud? If you’re considering a business (i.e. a production environment) in the Cloud, you need to think about methods for backing up your data, a backup plan for your data and, eventually, restoring with Red Gate Cloud Services (and not only). In this session, you’ll see the differences, functionality, restrictions, and opportunities in SQL Azure and On-Premise SQL Server 2008/2008 R2/2012. We’ll consider topics such as how to be prepared for backup and restore, and which parts of a cloud environment are most important: keys, triggers, indexes, prices, security, service level agreements, etc.
This presentation is based on a real life experience migrating Oracle E-Business Suite production to AWS.
We will talk about:
- Certification basics. Overview on supported configurations.
- How to build. Recommendations based on migration and 2 year production runtime experience.
- Advanced configurations.
- R12.2.
- Microsoft Azure and Oracle Cloud review. Quick comparison outline of main alternative platforms. How ready is Oracle's own cloud service.
- Scaling.
This is a very client demanding topic. Many are looking into cloud migration options and how they can optimize the cost compared to the on-premise hosting, and many misunderstand the complexity of Oracle EBS stack being capable for cloud deployment.
Password Policies in Oracle Access Manager. How to improve user authenticatio...Andrejs Prokopjevs
This presentation is about how System Administrators and/or Oracle Apps DBAs can improve and meet user authentication security standards in Oracle E-Business Suite by using Oracle Access Manager integration and it's password policy management.
We will talk about:
- Current Oracle E-Business Suite password security limitations.
- Implementation of password policy management in Oracle Access Manager releases. Comparing the capabilities and why you should upgrade your OAM to the latest 11gR2.
- A use case example of most common configuration.
- Demo.
This document summarizes Tobiasz Janusz Koprowski's presentation on Windows Azure SQL Database. It discusses planning considerations when migrating a SQL Server database to SQL Database, including database sizes and performance tiers, compatibility with SQL Server features, and security requirements. It also provides an overview of SQL Database backup, restore, and synchronization capabilities.
KoprowskiT - SQLBITS X - 2am a disaster just beganTobias Koprowski
A document outlines best practices for surviving a disaster involving SQL Server infrastructure. It recommends being well prepared with regular backups stored offsite, documented restore procedures, clear roles and responsibilities, and service level agreements defining acceptable downtimes. Key aspects of preparation include backups, restore testing, documentation, contact lists, hardware and software inventory, passwords, encryption keys, defined teams, and keeping management informed. The overall message is that with proper planning, a disaster can be survived by following the best practice of being prepared.
SQLSaturday is a training event for SQL Server professionals and those wanting to learn about SQL Server. This event will be held Jun 13 2015 at Hochschule Bonn-Rhein-Sieg, Grantham-Allee 20, St. Augustin, Rheinland, 53757, Germany. Admittance to this event is free, all costs are covered by donations and sponsorships. Please register soon as seating is limited, and let friends and colleagues know about the event.
###
Maintenance Plans for Beginners (but not only) | Each of experienced administrators used (to some extent) what is called Maintenance Plans - Plans of Conservation. During this session, I'd like to discuss what can be useful for us to provide functionality when we use them and what to look out for. Session at 200 times the forward-300, with the opening of the discussion.
SQL Server Source Control for Beginners is a presentation about using source control for SQL Server databases. It discusses:
- Common source control systems like SVN, TFS, and Mercurial that can be used to track database changes.
- How RedGate SQL Source Control allows committing database objects and changes directly from SQL Server Management Studio.
- Key features like rolling back changes, maintaining referential integrity, and locking objects while working.
- Demonstrates setting up a database in source control and committing changes.
- Additional tools that can deploy databases directly from source control like SQL Compare and SQL Data Compare.
The document discusses best practices for preparing for and surviving a disaster involving IT systems. It emphasizes the importance of being prepared through thorough backup and recovery procedures. Key aspects of preparation include having documented procedures for backup and restore of SQL and SharePoint environments, understanding roles and responsibilities, maintaining service level agreements, keeping an encrypted envelope of credentials, and ensuring necessary hardware, software, and support contracts are accounted for. The overall message is that with proper planning through documented policies and procedures, the impact of a disaster can be minimized.
Microsoft released SQL Azure more than two years ago - that's enough time for testing (I hope!). So, are you ready to move your data to the Cloud? If you’re considering a business (i.e. a production environment) in the Cloud, you need to think about methods for backing up your data, a backup plan for your data and, eventually, restoring with Red Gate Cloud Services. In this session, you’ll see the differences, functionality, restrictions, and opportunities in SQL Azure and On-Premise SQL Server 2008/2008 R2/2012. We’ll consider topics such as how to be prepared for backup and restore, and which parts of a cloud environment are most important: keys, triggers, indexes, prices, security, service level agreements, etc.
The document discusses best practices for preparing for and responding to a disaster involving IT systems. It emphasizes the importance of having backups, restoration procedures, clearly defined roles and responsibilities, service level agreements, and all necessary information and equipment required to recover systems. Specific recommendations include developing backup policies, regularly testing restores, maintaining a separate test environment, and ensuring management understands estimated recovery times. The document stresses the importance of preparation and having the right people, processes, and documentation in place to minimize downtime from an outage or disaster.
Running Oracle EBS in the cloud (OAUG Collaborate 18 edition)Andrejs Prokopjevs
This presentation is based on a real-life experience migrating Oracle E-Business Suite R12.1 production to Amazon AWS, and additional proof-of-concept effort done getting various client systems upgraded to R12.2 and migrated to main cloud vendor platforms on the market. We are going to cover here various areas, like:
- Certification basics. Overview look into supported configurations.
- How to architect. Basic recommendations based on migration and 2+ year production runtime experience. We will mainly cover Amazon AWS use case.
- Advanced configurations outline.
- R12.2 and features / nuances coming with it.
- Microsoft Azure and Oracle Cloud review. Quick comparison outline of main alternative platforms.
- Cloud deployment automation and the most common scenario - auto-scaling.
This is a very client demanding topic and many are looking into cloud migration options and how they can optimize the cost comparing to the on-premise hardware hosting. And many are still misunderstanding the complexity of Oracle EBS stack being capable for cloud deployment.
This document discusses various tools from ApexSQL that are available for free. It provides descriptions of ApexSQL Complete, an add-in that improves SQL coding productivity in Visual Studio and SSMS, ApexSQL Refactor for formatting and refactoring SQL code, and ApexSQL Search for finding SQL objects. It also gives an overview of ApexSQL's licensing and demos some of the tools.
Microsoft Azure zmienia się. Jego częśc poświęcona bazie danych (Windows Azure SQL Database) zmienia się jeszcze szybciej. Podczas tej sesji chciałbym pokazac tym, którzy nie widzieli, oraz przypomniec tym, którzy już coś wiedzą - o co chodzi z WASD, jakie zmiany nastapiły i czego możemy po tej bazie oczekiwać. Dla odważnych będzie okazja podłączenia się do konta w chmurze i przetestowania ych rozwiązań samemu.
The document provides an introduction to SQL Azure, Microsoft's relational database service. It discusses how SQL Azure leverages existing SQL Server skills and tools while providing new cloud capabilities. Key points include SQL Azure being highly scaled and secure, providing a database as a service, and targeting scenarios such as departmental apps, web apps, and ISVs that need simple deployment and self-management. Architecturally, SQL Azure uses a shared infrastructure with scalable high availability technology.
This document provides an introduction to MySQL including its history and major milestones. It discusses MySQL's role in the LAMP stack and its popularity as the world's most widely used open source database. It also summarizes MySQL's various storage engines, architectures, and recent releases. The document concludes with a discussion of MySQL's future focus and available high availability solutions.
Tobiasz Janusz Koprowski presented a beginner's guide to tips and tricks for using Windows Azure SQL Database. The presentation covered key Azure SQL Database concepts like database tiers, performance levels measured in Database Transaction Units (DTUs), data migration options, and compatibility with on-premises SQL Server versions. It provided an overview of supported and non-supported features between SQL Azure and different SQL Server versions. The presentation aimed to help attendees understand how to plan, configure and manage databases in the Azure SQL Database platform.
The document provides an overview of Oracle's Virtual Compute Appliance (VCA). Key points:
- The VCA is an engineered system for quickly deploying Oracle VM environments using pre-configured hardware and software.
- It automates the configuration of servers, storage, networking, and Oracle VM software for simplified management.
- Templates can be used to rapidly deploy full application stacks on the VCA in as little as 1-2 hours from power-on.
Wysoka Dostępność SQL Server 2008 w kontekscie umów SLATobias Koprowski
To druga prezentacja w cztero-częściowym cyklu omawiającym znaczenie wysokiej dostepności w kontekście umów SLA. Prezentacje przeznaczone są dla odbiorców z kręgu ITPro, a publikowane na zywo na portalu VirtualStudy.pl
***
This is second part of my four-parts cycle about Service Level Agreement for ITPros. It a session for Virtualstudy.pl education portal.
A Whistleblowing Report to the United States of Congress submitted by Scott Bennett, 2LT, United States Army (Reserve), 11th Psychological Operations Battalion to the Department of Defense Inspector General, Memorial Day, May 27, 2013
The Betrayal and Cover-Up by the U.S. Government of the Union Bank of Switzerland - Terrorist Threat Financia Connection to Booz Allen Hamilton and U.S. Central Command
Scott Bennett - Shell Game (pdf source - http://projectcamelotportal.com/files/SHELL_GAME.pdf
This one sentence document appears to be a copyright notice for RealPage, Inc. stating that they own all trademarks mentioned and reserving all rights.
Eventuosity For Event Producers and Service ProvidersJustin Panzer
The document describes a cloud-based platform for collaborative event management that allows all event stakeholders including clients, producers, venues, exhibitors, and attendees to be involved in the planning process. The platform provides end-to-end planning and management tools that can be accessed in the office, on the road, or at the venue. It offers complete control for event planners and integrates with core business applications. The platform promises benefits like greater efficiency, improved accuracy, smarter collaboration, and deeper business intelligence for event clients as well as resource optimization, client process integration, and competitive differentiation for event producers.
Презентация стратегической игры MatriX UrbanАндрей Донских
Стратегическая игра MatriX Urban — это специализированная версия креативной платформы MatriX, предназначенная для поиска нестандартных и свежих решений по развитию территорий и моногородов, улучшению качества жизни населения, поиску новых форматов взаимодействия органов власти, бизнеса, экспертного сообщества, общественных организаций и других заинтересованных сторон.
MatriX Urban — это креативная платформа, предназначенная для проектирования будущего городов и проектов городского развития.
Активные городские сообщества и горожане понимают необходимость перемен и готовы брать на себя ответственность за настоящее и будущее своего города. Это проявляется в том, что они готовы созидательно участвовать в его среде.
Подробнее http://donskih.ru/matrix/matrix-urban/
Virtual Study Beta Exam 71-663 Exchange 2010 Designing And Deploying Messagin...Tobias Koprowski
This is my presentation for VirtualStudy.pl as teh last part of preparation for 71-663 beta exam: 71-663: Pro: Designing and Deploying Messaging Solutions with Microsoft Exchange Server 2010
Recent news about the pending shortage of data scientists prompts speculation about automation: will machines replace human analysts? We propose a model of automation, and briefly review progress in automated machine learning over the past twenty years. Summarizing the current state of the art, we look at some of the remaining challenges, and the implications for practicing data scientists.
The document discusses how companies can implement next best offer strategies using customer data and signals. It describes how customers' purchasing behaviors have become more complex, influenced by various online sources. It then outlines how SAS software can help companies analyze customer data and behaviors to generate targeted, personalized offers at optimal times through real-time decisioning across all channels. Case studies show how US Bank improved sales and increased customer value using next best offer strategies based on signal and event analysis.
Why is ERISA attorney Thomas Schendt so passionate about stopping retirement plan leakage? Because 401(k) loan defaults and a misunderstanding of plan sponsor requirements are costing plans billions every year. See why he believes this problem has a simple solution.
Slideburst #7 - Next Best Action in All Digital ChannelsPatrik Svensson
This document discusses using customer data and analytics to deliver personalized next best actions across digital channels. It provides examples of using customer profile and usage data to offer targeted communications and packages to specific customers. The document advocates building customer profiles based on analytics and segmentation techniques. It also argues that delivering personalized next best actions requires changes to data infrastructure and architecture to better integrate customer, usage and event data.
The taste of food and beverages can be dictated by the cleanliness of your water. Issues such as sediment, chlorine and hardness are often to blame but can be easily prevented.
This document discusses SQL Server security and provides an overview of SQL Server security best practices and enhancements in SQL Server 2014. It covers categorizing security across IT, physical, political, and SQL Server realms. It outlines best practices for authentication, securing administrator accounts, complex passwords, specific logins, administrator membership, guest access, stored procedure permissions, ports, services, and encryption. New SQL Server 2014 features discussed include transparent data encryption, encryption key management, and new permissions for connecting to any database and impersonating logins.
ITCamp 2018 - Tobiasz Koprowski - Secure your data at rest - on demand, now!ITCamp
This document contains the agenda and slides for a presentation on SQL Server security. The presentation covers security foundations for database administrators (DBAs), well-known risk factors from OSSTMM and OWASP, SQL Server security best practices, security enhancements in SQL Server 2014, 2016, and 2017, SQL Server security in the cloud, DBA security, and risk management for DBAs. The slides define key security concepts, categorize security realms, outline the OSSTMM and OWASP top 10 risks, and describe various SQL Server security features and configurations.
This document provides an overview of security and auditing in SQL Server 2008 R2. It discusses SQL Server security concepts like principals, securables and permissions. It also covers protecting the server and database scope through authentication methods, roles, logins and permissions. The document reviews keys, certificates and transparent data encryption. It concludes with an introduction to auditing security in SQL Server through tools like SQL Server Profiler, DDL triggers and the SQL Server Audit feature.
Azure SQL Database Introduction by Tim RadneyHasan Savran
Have you been hearing about Azure Managed Instances and want to know what all the fuss is about? Come see how Managed Instances is changing how we think about cloud databases. Managed Instances can be considered a hybrid of Azure SQL Database and on-premises SQL Server with all the awesome benefits of Platform as a Service. You’ll get to see first-hand how easy it is to migrate databases from on-premises to a Managed Instance. We’ll explore the differences between Azure SQL Database, Managed Instances, and SQL Server on an Azure VM to help you determine what is the best fit for your organization. If you’ve been considering Azure for your organization, this session is for you!
SQL injection is a common web application security vulnerability that allows attackers to interfere with and extract data from databases. It occurs when user-supplied input is not sanitized for SQL keywords and could allow attackers to alter intended SQL queries. Key countermeasures include using prepared statements with parameterized queries, input validation, and limiting database account privileges. Developers should never directly concatenate user input into SQL statements.
- 43% of companies experienced a data breach in the past year, with major breaches exposing over 500 million identities in 2013 alone. Cybercrime costs the global economy $575 billion per year.
- The 2013 Target breach exposed 40 million credit/debit cards and 70 million customer records, costing $270 million. A major data breach is discovered every month.
- Database vulnerabilities include poor configurations, overprivileged accounts, weak access controls, authentication and auditing. Attacks include SQL injection, buffer overflows, brute force attacks and malware. Malicious actions can cause information disclosure, denial of service, privilege escalation, spoofing and data tampering.
Presentation about securing the environment that the Blackboard Learn application runs on. Includes:
* IPS/IDS
* Database Security Recommendations
* Load Balancer
etc.
Geek Sync | Handling HIPAA Compliance with Your Data AccessIDERA Software
The document discusses how to ensure compliance with HIPAA regulations when handling electronic protected health information (ePHI) stored in SQL Server databases. It addresses five key questions around auditing access to ePHI, defining a secure SQL Server configuration baseline, implementing repeatable security processes, auditing permissions and changes in SQL Server, and maintaining ongoing compliance. The presenter provides recommendations for secure configurations, including role-based access control, encryption of data at rest and in transit, and auditing access through features like extended events and audit objects. Maintaining repeatable processes for security and change management is emphasized as important for compliance.
This document discusses setting up an ELK stack for log aggregation and analytics. It describes collecting logs from various sources using syslog-ng and Nxlog, parsing and transforming logs with Logstash, storing them in Elasticsearch for search and analysis, and visualizing logs in Kibana. OSSEC is also mentioned as a security information and event management tool that can integrate with the ELK stack.
Security of Oracle EBS - How I can Protect my System (UKOUG APPS 18 edition)Andrejs Prokopjevs
Nowadays having a proper security configuration is a huge challenge, especially looking at the global hacks and personal data leak incidents that happened in IT a while back. Oracle EBS is not perfect and has lots of vulnerabilities covered by Oracle almost every quarter. A very small percent of Apps DBAs know all the features and options available, and usually, do not go over firewall/reverse proxy layer.
This presentation is going to cover an overview and recommendations of options and security features that are available and can be used out-of-the-box, and some of the non-trivial configurations that can help to keep your Oracle EBS system protected, per our experience.
One of the greatest challenges to securing any IBM i environment is protecting the system from the people charged with its care: programmers, administrators, and security officers. Even regular end users often carry more privileges than necessary.
Power users might need access to restricted objects and commands, but they rarely need that level of access 24 hours a day, and accountability is essential.
In this slide deck, IBM i security expert Robin Tatam first points out the vulnerabilities associated with powerful users. Then, explore an award-winning approach to regaining the control your auditors demand while allowing your administrators and programmers to do their jobs.
Included is a demonstration of tracking users in hard-to-audit environments such as SQL, QShell, DFU, SEU, and SST.
Hitachi ID provides privileged access management solutions to secure administrative passwords across on-premises and cloud applications. The presentation discusses Hitachi ID's corporate overview and product suite, focusing on its privileged access manager which randomizes privileged passwords daily, controls password disclosure, and provides logging and reporting for accountability. It also describes the fault-tolerant architecture with replicated password vaults across multiple sites to prevent data loss or service disruption in case of server crashes or site disasters.
Deploying privileged access workstations (PAWs) is part of a strategy to limit credential theft and lateral movement in an organization's network. PAWs are hardened administrative workstations designed to isolate privileged accounts and limit the exposure of credentials. An effective PAW strategy involves deploying dedicated hardware for administrators, applying security group policies and logon restrictions, and implementing additional controls like multi-factor authentication and device whitelisting.
Security landscape has been a constantly and rapidly changing scenario in the last decades. Threats have evolved from targeting services' availability to targeting data and data integrity. Therefore, now more than ever, data protection becomes critical and needs an in-depth approach which starts from the databes. Learn more about what MySQL has to offer to help you put in place security best practices to start protecting your data straight from the database!
AWS Summit 2013 | India - Extend your Datacenter in the Cloud and achieve Hig...Amazon Web Services
The cloud is not an 'All or Nothing' approach with regards to replacing workloads inside your datacenter. Enterprises with existing datacenters can easily extend their Infrastructure into the cloud to seamlessly leverage the benefits of cloud while using the same set of controls familiar to their business. However availability and security still remain among the top two concerns for CIOs when deciding on cloud adoption for their organization.
Amazon Web Services has infrastructure across multiple geographical Regions spanning five continents, with multiple Availability Zones in each Region along with a set of global edge locations. Building a similar infrastructure for high availability with your traditional datacenter would be non-trivial and cost prohibitive. Join this session to understand how you can achieve high availability across geographies, deploy your applications close to your users, control where your data is located, achieve low latency, and migrate your applications around the world in a cost-effective and easy manner using AWS services. You will also learn how AWS builds services in accordance with security best practices, provides appropriate security features in those services, has achieved industry standard certifications, and other third-party attestations. In addition, in line with the shared security model on the cloud, AWS customers must leverage on security features and best practices to architect an appropriately secure application environment. Enabling customers to ensure the confidentiality, integrity, and availability of their data is of the utmost importance to AWS, as is maintaining trust and confidence.
Default accounts are commonly exploited to gain unauthorized access to SAP systems. The presentation identifies several new default accounts in SAP Solution Manager with the password "init1234" that can be used to retrieve passwords, execute operating system commands, and fully compromise associated SAP systems. It provides examples of how these accounts can be exploited and advises customers to use available tools to detect and remediate exposed default accounts.
Shiny, Let’s Be Bad Guys: Exploiting and Mitigating the Top 10 Web App Vulner...Michael Pirnat
This document provides an agenda for a session on exploiting and mitigating the top 1 web application vulnerabilities according to OWASP. The session will run from 9:00 AM to 12:20 PM with a 20 minute break at 10:50 AM and a lunch break from 12:20 PM to 1:20 PM. The session will discuss injection attacks, broken authentication and session management, cross-site scripting, insecure direct object references, security misconfiguration, sensitive data exposure, missing function level access control, cross-site request forgery, using known vulnerable components, and unvalidated redirects and forwards. Prevention strategies and Django-specific advice will also be provided for each vulnerability.
Session form series of conferences during Data Relay (formerly SQL Relay) 2018 in Newcastle, Leeds, Birmingham, Reading, Bristol. The session contains only slides form the talk (no videos included).
Slides from data MindsConnect 2018 Conference hosted at Ghelamnco Arena in Ghent by Belgian SQL Server USer Grup. SECDev(OPS) How to embrace your security.
Session from SQLDay 2016 Conference in Wroclaw.
2 AM. We're sleeping well and our mobile is ringing and ringing. Message: DISASTER! In this session (on slides) we are NOT talking about the potential disaster (such BCM); we talk about: What happened NOW? Which tasks should have been finished BEFORE. Does virtual or physical SQL Server matter? We talk about systems, databases, people, encryption, passwords, certificates and users. In this session (on few demos) I'll show which part of our SQL Server environment are critical and how to be prepared for disaster. In some documents, I'll show You how to be BEST prepared.
This document provides an overview and introduction to Windows Azure SQL Database. It discusses key topics such as:
- SQL Database service tiers including Basic, Standard, and Premium, which are differentiated by performance levels measured in Database Transaction Units (DTUs) and other features.
- Database size limits and performance metrics for each tier.
- Database replication and high availability capabilities to ensure reliability.
- Support for common SQL Server features while noting some limitations compared to on-premises SQL Server.
- Considerations for database naming, users/logins, migrations, and automation in the SQL Database platform.
- Indexing requirements and compatibility differences to be aware of.
Tobiasz Janusz Koprowski presents information on disaster preparedness and recovery best practices. The document discusses the importance of having backups, recovery procedures, clearly defined roles and responsibilities, service level agreements, and contact information in case of an outage. Specific recommendations include regularly testing restores, storing backup files offsite, having accurate documentation, and ensuring key personnel are prepared to respond to disasters and outages.
Maintenance plans provide a way to automate database maintenance tasks such as integrity checks, index maintenance, and backups. They can be created using the Maintenance Plan Wizard or Maintenance Plan Designer. Common tasks include checking database integrity with DBCC CHECKDB, reorganizing or rebuilding indexes, updating statistics, and performing full, differential or transaction log backups. Care must be taken to choose the right tasks and schedule to maintain performance and protect the database.
The document discusses best practices for preventing and recovering from disasters affecting IT systems. It emphasizes the importance of being prepared through regular backups, testing restores, clear documentation of backup and restore procedures, and defined roles and responsibilities. Key recommendations include performing backups to separate storage regularly; testing restores from backups; having a disaster recovery plan, procedures, and environment ready; and ensuring appropriate staff are assigned roles to respond to an outage. The overall message is that the best way to survive a disaster is through preparation, including backups, documentation, training and assigning roles.
This document discusses different aspects of trust as it relates to technology and data security. It poses a series of questions about high availability, service level agreements, high security, compliance, standards, processes, data storage locations, borders, providers, people, procedures, testing, encryption, cloud services, and identity. The goal is to understand how to build and maintain trust through addressing questions around these key topics. The document also provides contact information for the author.
DELIVERED: Whitehall Media’s 3rd Enterprise Security and Risk Management conference | April, 28th London {http://www.whitehallmedia.co.uk/esrm/}
ABSTRACT: Cloud Computing is ready. Industry and government are already embarking on a journey towards Cloud. But… Trust is the Primer. How much trust can we place in cloud providers? What is the nature of this trust? How important is it and what is the future of trust?
Microsoft released SQL Azure more than two years ago - that's enough time for testing (I hope!). So, are you ready to move your data to the Cloud? If you’re considering a business (i.e. a production environment) in the Cloud, you need to think about methods for backing up your data, a backup plan for your data and, eventually, restoring with Red Gate Cloud Services. In this session, you’ll see the differences, functionality, restrictions, and opportunities in SQL Azure and On-Premise SQL Server 2008/2008 R2/2012. We’ll consider topics such as how to be prepared for backup and restore, and which parts of a cloud environment are most important: keys, triggers, indexes, prices, security, service level agreements, etc.
This document provides an overview and introduction to Windows Azure SQL Database. It discusses the security requirements and compliance certifications for the Azure platform. It also covers key features of SQL Database including service tiers, sizes and performance levels measured in Database Transaction Units (DTUs). The document reviews compatibility and limitations compared to on-premises SQL Server versions.
Microsoft released SQL Azure more than two years ago - that's enough time for testing (I hope!). So, are you ready to move your data to the Cloud? If you’re considering a business (i.e. a production environment) in the Cloud, you need to think about methods for backing up your data, a backup plan for your data and, eventually, restoring with Red Gate Cloud Services. In this session, you’ll see the differences, functionality, restrictions, and opportunities in SQL Azure and On-Premise SQL Server 2008/2008 R2/2012. We’ll consider topics such as how to be prepared for backup and restore, and which parts of a cloud environment are most important: keys, triggers, indexes, prices, security, service level agreements, etc.
Maintenance Plans for Beginners | Each of experienced administrators used (to some extent) what is called Maintenance Plans - Plans of Conservation. During this session, I'd like to discuss what can be useful for us to provide functionality when we use them and what to look out for. Session at 200 times the forward-300, with the opening of the discussion.
HCL Notes and Domino License Cost Reduction in the World of DLAUpanagenda
Webinar Recording: https://www.panagenda.com/webinars/hcl-notes-and-domino-license-cost-reduction-in-the-world-of-dlau/
The introduction of DLAU and the CCB & CCX licensing model caused quite a stir in the HCL community. As a Notes and Domino customer, you may have faced challenges with unexpected user counts and license costs. You probably have questions on how this new licensing approach works and how to benefit from it. Most importantly, you likely have budget constraints and want to save money where possible. Don’t worry, we can help with all of this!
We’ll show you how to fix common misconfigurations that cause higher-than-expected user counts, and how to identify accounts which you can deactivate to save money. There are also frequent patterns that can cause unnecessary cost, like using a person document instead of a mail-in for shared mailboxes. We’ll provide examples and solutions for those as well. And naturally we’ll explain the new licensing model.
Join HCL Ambassador Marc Thomas in this webinar with a special guest appearance from Franz Walder. It will give you the tools and know-how to stay on top of what is going on with Domino licensing. You will be able lower your cost through an optimized configuration and keep it low going forward.
These topics will be covered
- Reducing license cost by finding and fixing misconfigurations and superfluous accounts
- How do CCB and CCX licenses really work?
- Understanding the DLAU tool and how to best utilize it
- Tips for common problem areas, like team mailboxes, functional/test users, etc
- Practical examples and best practices to implement right away
AI 101: An Introduction to the Basics and Impact of Artificial IntelligenceIndexBug
Imagine a world where machines not only perform tasks but also learn, adapt, and make decisions. This is the promise of Artificial Intelligence (AI), a technology that's not just enhancing our lives but revolutionizing entire industries.
Digital Marketing Trends in 2024 | Guide for Staying AheadWask
https://www.wask.co/ebooks/digital-marketing-trends-in-2024
Feeling lost in the digital marketing whirlwind of 2024? Technology is changing, consumer habits are evolving, and staying ahead of the curve feels like a never-ending pursuit. This e-book is your compass. Dive into actionable insights to handle the complexities of modern marketing. From hyper-personalization to the power of user-generated content, learn how to build long-term relationships with your audience and unlock the secrets to success in the ever-shifting digital landscape.
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?Speck&Tech
ABSTRACT: A prima vista, un mattoncino Lego e la backdoor XZ potrebbero avere in comune il fatto di essere entrambi blocchi di costruzione, o dipendenze di progetti creativi e software. La realtà è che un mattoncino Lego e il caso della backdoor XZ hanno molto di più di tutto ciò in comune.
Partecipate alla presentazione per immergervi in una storia di interoperabilità, standard e formati aperti, per poi discutere del ruolo importante che i contributori hanno in una comunità open source sostenibile.
BIO: Sostenitrice del software libero e dei formati standard e aperti. È stata un membro attivo dei progetti Fedora e openSUSE e ha co-fondato l'Associazione LibreItalia dove è stata coinvolta in diversi eventi, migrazioni e formazione relativi a LibreOffice. In precedenza ha lavorato a migrazioni e corsi di formazione su LibreOffice per diverse amministrazioni pubbliche e privati. Da gennaio 2020 lavora in SUSE come Software Release Engineer per Uyuni e SUSE Manager e quando non segue la sua passione per i computer e per Geeko coltiva la sua curiosità per l'astronomia (da cui deriva il suo nickname deneb_alpha).
For the full video of this presentation, please visit: https://www.edge-ai-vision.com/2024/06/building-and-scaling-ai-applications-with-the-nx-ai-manager-a-presentation-from-network-optix/
Robin van Emden, Senior Director of Data Science at Network Optix, presents the “Building and Scaling AI Applications with the Nx AI Manager,” tutorial at the May 2024 Embedded Vision Summit.
In this presentation, van Emden covers the basics of scaling edge AI solutions using the Nx tool kit. He emphasizes the process of developing AI models and deploying them globally. He also showcases the conversion of AI models and the creation of effective edge AI pipelines, with a focus on pre-processing, model conversion, selecting the appropriate inference engine for the target hardware and post-processing.
van Emden shows how Nx can simplify the developer’s life and facilitate a rapid transition from concept to production-ready applications.He provides valuable insights into developing scalable and efficient edge AI solutions, with a strong focus on practical implementation.
Skybuffer SAM4U tool for SAP license adoptionTatiana Kojar
Manage and optimize your license adoption and consumption with SAM4U, an SAP free customer software asset management tool.
SAM4U, an SAP complimentary software asset management tool for customers, delivers a detailed and well-structured overview of license inventory and usage with a user-friendly interface. We offer a hosted, cost-effective, and performance-optimized SAM4U setup in the Skybuffer Cloud environment. You retain ownership of the system and data, while we manage the ABAP 7.58 infrastructure, ensuring fixed Total Cost of Ownership (TCO) and exceptional services through the SAP Fiori interface.
GraphRAG for Life Science to increase LLM accuracyTomaz Bratanic
GraphRAG for life science domain, where you retriever information from biomedical knowledge graphs using LLMs to increase the accuracy and performance of generated answers
Taking AI to the Next Level in Manufacturing.pdfssuserfac0301
Read Taking AI to the Next Level in Manufacturing to gain insights on AI adoption in the manufacturing industry, such as:
1. How quickly AI is being implemented in manufacturing.
2. Which barriers stand in the way of AI adoption.
3. How data quality and governance form the backbone of AI.
4. Organizational processes and structures that may inhibit effective AI adoption.
6. Ideas and approaches to help build your organization's AI strategy.
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdfMalak Abu Hammad
Discover how MongoDB Atlas and vector search technology can revolutionize your application's search capabilities. This comprehensive presentation covers:
* What is Vector Search?
* Importance and benefits of vector search
* Practical use cases across various industries
* Step-by-step implementation guide
* Live demos with code snippets
* Enhancing LLM capabilities with vector search
* Best practices and optimization strategies
Perfect for developers, AI enthusiasts, and tech leaders. Learn how to leverage MongoDB Atlas to deliver highly relevant, context-aware search results, transforming your data retrieval process. Stay ahead in tech innovation and maximize the potential of your applications.
#MongoDB #VectorSearch #AI #SemanticSearch #TechInnovation #DataScience #LLM #MachineLearning #SearchTechnology
TrustArc Webinar - 2024 Global Privacy SurveyTrustArc
How does your privacy program stack up against your peers? What challenges are privacy teams tackling and prioritizing in 2024?
In the fifth annual Global Privacy Benchmarks Survey, we asked over 1,800 global privacy professionals and business executives to share their perspectives on the current state of privacy inside and outside of their organizations. This year’s report focused on emerging areas of importance for privacy and compliance professionals, including considerations and implications of Artificial Intelligence (AI) technologies, building brand trust, and different approaches for achieving higher privacy competence scores.
See how organizational priorities and strategic approaches to data security and privacy are evolving around the globe.
This webinar will review:
- The top 10 privacy insights from the fifth annual Global Privacy Benchmarks Survey
- The top challenges for privacy leaders, practitioners, and organizations in 2024
- Key themes to consider in developing and maintaining your privacy program
Webinar: Designing a schema for a Data WarehouseFederico Razzoli
Are you new to data warehouses (DWH)? Do you need to check whether your data warehouse follows the best practices for a good design? In both cases, this webinar is for you.
A data warehouse is a central relational database that contains all measurements about a business or an organisation. This data comes from a variety of heterogeneous data sources, which includes databases of any type that back the applications used by the company, data files exported by some applications, or APIs provided by internal or external services.
But designing a data warehouse correctly is a hard task, which requires gathering information about the business processes that need to be analysed in the first place. These processes must be translated into so-called star schemas, which means, denormalised databases where each table represents a dimension or facts.
We will discuss these topics:
- How to gather information about a business;
- Understanding dictionaries and how to identify business entities;
- Dimensions and facts;
- Setting a table granularity;
- Types of facts;
- Types of dimensions;
- Snowflakes and how to avoid them;
- Expanding existing dimensions and facts.
Threats to mobile devices are more prevalent and increasing in scope and complexity. Users of mobile devices desire to take full advantage of the features
available on those devices, but many of the features provide convenience and capability but sacrifice security. This best practices guide outlines steps the users can take to better protect personal devices and information.
2. Awesome SQL Server
conferences on your door
step!
w: sqlrelay.co.uk
t: @sqlrelay_uk
SQL Security in the Clouds
Independent Consultant @ ShadowLand Consulting
http://koprowskit.eu/geek || http://itblogs.pl/notbeautifulanymore
3. about me
• independent consultant, security & licensing auditor
• Owner of ShadowLand Consulting
• Microsoft Certified Trainer
• SQL Server MVP (six… years in a row)
• MVP Mentor Program Member
• SharePoint Subject Matter Expert at CQURE
• active blogger, influencer, technical writer
• last 9 years living in Data Processing Center Jungle
• last 15 years working arroung banking and ICT
• Polish Information Technology Society Board Member
• Information Security Systems Association Board Member
4. 1 | Security in a Nutshell
2 | SQL Server Security Best Practices
3 | SQL Server 2014 Security Enhacement
4 | SQL Server Security in The Cloud
Summary
Appendix
AGENDA
8. Security? What is this?
• Security is the degree of resistance to, or protection from, harm. It applies to
any vulnerable and valuable asset, such as a person, dwelling, community,
nation, or organization.
• As noted by the Institute for Security and Open Methodologies (ISECOM) in the
OSSTMM 3 (Open Source Security Testing Methodology Manual), security
provides "a form of protection where a separation is created between the
assets and the threat." These separations are generically called "controls," and
sometimes include changes to the asset or the threat.
14. SQL Server Security Best Practices
• Efficiency and security have an inverse relationship to one another.
• You can have high efficiency or high security, but not both.
Example: `Small Bank Company` tend to favor efficiency over security:
• Cost limitations. This is the first and obvious reason. Community banks are fighting a
constant battle to remain competitive. Implementing security in systems adds costs -
there is no way around it.
• Risk. It's not always a conscious decision for a bank to improve efficiency by sacrificing
security. Sometimes there's a lack of understanding of the risks associated with the
systems we deploy.
• Personnel limitations. The many-hats syndrome runs rampant in smaller community banks.
• Regulatory emphasis. The current regulatory environment stresses controls as they relate
to policy and procedures.
15. authentication
• SQL Server supports:
• Windows Authentication Mode which supports
• Kerberos
• NTLM (Windows NT Lan Manager)
• Mixed Mode Authentication which supports
• Windows Accounts
• SQL Server specific accounts
SECURITY
BEST
PRACTICES
Best Practice:
use Windows Authentication mode
unless legacy application require Mixed Authentication for backward compability
16. secure sysadmin account
• sysadmin account (sa) is most vulnerable account when it’s not changed
• potential SQL Server attackers, hackers aware of this
SECURITY
BEST
PRACTICES
Best Practice:
change name of sysadmin account after installation
SSMS>Object Explorer>Logins>Rename (right click) / T-SQL
17. use complex password
SECURITY
BEST
PRACTICES
Best Practice:
ensure that complex password are used for sa and other sql-server-specific logins. Think about ENFORCE
EXPIRATION & MUST_CHANGE for any new SQL login
18. use specific logins
Best Practice:
use different accounts for different sql-server oriented services
Component Windows Server 2008
Windows 7 and Windows Server
2008 R2 and higher
Recommended accounts
Database Engine NETWORK SERVICE Virtual Account
*
SQL_Engine
SQL Server Agent NETWORK SERVICE Virtual Account
*
SQL_Agent
SSAS NETWORK SERVICE Virtual Account
*
SQL_srvAS
SSIS NETWORK SERVICE Virtual Account
*
SQL_srvIS
SSRS NETWORK SERVICE Virtual Account
*
SQL_srvRS
SQL Server Distributed Replay Controller NETWORK SERVICE Virtual Account
*
SQL_DRContro
SQL Server Distributed Replay Client NETWORK SERVICE Virtual Account
*
SQL_DRReplay
FD Launcher (Full-text Search) LOCAL SERVICE Virtual Account
SQL Server Browser LOCAL SERVICE LOCAL SERVICE
SQL Server VSS Writer LOCAL SYSTEM LOCAL SYSTEM
SECURITY
BEST
PRACTICES
19. sysadmin membership
• Member of sysadmin fixed-server role can do whatever they want on SQL
Server
• by default sysadmin fixed-server role has CONTROL SERVER permission
granted explicity
• do not explicitly grant CONTROL SERVER for Windows logins, Windows Group
logins and SQL logins
SECURITY
BEST
PRACTICES
Best Practice:
carefully choose the membership of sysadmin fixed-server
20. general administration
• everything (almost always) works under sa account especially with CONTROL
SERVER permission
• institute dedicated Windows logins for DBAs, and assign these logins sysadmin
rights on SQL Server for administration purposes.
SECURITY
BEST
PRACTICES
Best Practice:
use built-in fixed server roles and database roles or
create your custom roles, then apply for specific logins
21. revoke guest access
• by default guest accounts exist in every user and system databases
• is a potential security risk in lock down environment
• those accounts could be targets for attackers
• asssign public server role membership if you will need explicit access to user
databases
SECURITY
BEST
PRACTICES
Best Practice:
disable all gueast user access from all user and system databases
(excluding msdb database)
22. limit public permission
• SQL Server has many Stored Procedures and many od them have public access
permission:
• OLE AUTOMATION: sp_OACreate, sp_OAGetProperty, sp_OAStop,
sp_OAMethod, sp_OAGerErrorInfo, sp_OADestroy, sp_OASetProperty
• REGISTRY ACCESS: xp_regremovemultistring, xp_regaddmultistring,
xp_regread, xp_regdeletekey, xp_regdeletevalue, xp_regwrite
• OTHER ROUTINES: sp_sdidebug, xp_logevent, sp_sprintf, xp_dsninfo,
xp_msver, sp_sscanf, xp_stopmail, xp_grantlogin, xp_eventlog, xp_dirtree
SECURITY
BEST
PRACTICES
Best Practice:
revoke public role access for some axtended procedures
and check other store procedures
23. hardening sql server ports
• default sql server port 1433/1434 is well known as standard target for hackers
• by using SQL Server Configuration Manager you:
• can change default port
• can use specific TCP port intead of dynamic
• remeber about similar TCP/UDP ports (1433, 1434)
SECURITY
BEST
PRACTICES
Best Practice:
change default SQL Server port if it’s possible
24. disable sql server browser
• by default SQL Server Browser is disabled
• tt’s necessary to run when multiple instances are running on a single server
• any Windows user having the following rights would be capable to run the SQL
Server Browser service:
• deny access to this computer from the network / deny logon locally /
deny logon as a batch job
• Deny logon through Terminal Services / log on as a service / read and
write the SQL Server registry keys related to network communication
(ports and pipes)
SECURITY
BEST
PRACTICES
Best Practice:
change default SQL Server port if it’s possible
25. secure service accounts
• different service accounts for different services
• dedicated low-privileges domain accounts
• check membership on a regular basis
• use strong and different passwords for each account
SECURITY
BEST
PRACTICES
Best Practice:
create good plan and make note about service accounts and passwords
27. transparent data encryption
• first introduced with SQL Server 2008
• protecting data by performing I/O encryption and decryption for database and
log files
• passphrase (less secure), asymmetric key (strong protection, poor performance),
symmetric key (good performance, strong enough protection), certificate (strong
protection, good performance)
• New functionality for backup:
• takes non-encrypted backup data
• encrypt data before writing to disk
• compression is performed on the backup data first
• then encryption is applied to compressed data
• support for backup to Azure
SQL14 SECURITY
ENHACEMENTS
28. encryption key management
• Encryption options include:
• encryption algorithm
• certificate or asymmetric key
• only asymmetric key reside in EKM is supported
• multiple algorithm up to AES-256 are supported
• manageable by PowerShell, SMO, SSMS, T-SQL
• VERY IMPORTANT:
• asymmetric key or certificate MUST be backed up
• location MUST be different than backup location
• No RESTORE without asymmetric key or certificate
SQL14 SECURITY
ENHACEMENTS
29. connect any database
• new server-level permission
• grant CONNECT ANY DATABASE to a login that must connect to all databases
currently exist and any new in future
• does not grant any parmission in any database beyond connect
• to allow an auditing process to view all data or all database states CONNECT ANY
DATABASE may be combined with:
• SELECT ALL USER SECURABLES
• VIEW SERVER STATE
SQL14 SECURITY
ENHACEMENTS
30. impersonate any login
• new server-level permission
• when granted IMPERSONATE ANY LOGIN allows a middle-tier process to impersonate
the account of clients connecting to it
• when denied IMPERSONATE ANY LOGIN a high privileged login can be blocked from
impersonating other logins
• example:
CONTROL SERVER permission can be blocked
from impersonating other logins
SQL14 SECURITY
ENHACEMENTS
31. select all user securables
• new server-level permission
• when granted SELECT ALL USER SECURABLES a login (for example for auditing
purposes) can view data in all databases that the user can connect to
SQL14 SECURITY
ENHACEMENTS
32. SQL Server Express Security
• by default:
• instance name: SQLExpress
• networking protocol: disabled
• sql server browser: disabled
• user (local) instances:
• separated instance generated from parent instance
• sysadmin privileges on SQL Express on local machine
• runs as user process not as service process
• only windows logins are supported
• RANU instance (run as normal user)
34. Cloud Security
Microsoft Cloud Security Approach in a Nutshell
• Principles, patterns, and practices
• Security engineering
• Threats and countermeasures
• Secure the network, host, and application
• Application scenarios and solutions
• Security frame
• People, process, and technology
• Application, infrastructure, and business http://bit.ly/1zmeYi2
35. Security Model
• uses regular sql security model
• authenticate logins, map to users and roles
• authorize users and roles to sql objects
• support for standard sql auth logins
• username + password
• {admin, administrator, guest, root, sa}
Security model is 100% compatible with on-premise SQL
36. Security Requirements for Azure Platform
Microsoft Azure Datacenters
• North America
• North-central US - Chicago, IL
• South-central US - San Antonio, TX
• West US - California
• East US - Virginia
• Asia
• East Asia - Hong Kong, China
• South East Asia – Singapore
• South America
• Brasil – Sao Paulo
• Europe
• North Europe - Dublin, Ireland
• West Europe - Amsterdam,
Netherlands
• Japan
• Japan East, the Tokyo area
• Japan West, the Kansai area
• Oceania (announced, coming soon)
• Sydney, New South Wales
• Melbourne, Victoria
37. Security Requirements for Azure Platform
• As a Service Provider Microsoft has an obligation
to passing the several rules for security:
• ISO 27001/27002 Audit and Certification
• SOC 1/SSAE 16/ISAE 3402 and SOC 2 Attestations
• Cloud Security Alliance (CSA) Cloud Controls Matrix (CCM)
• Payment Card Industry (PCI) Data Security Standards (DSS) Level 1
38. Security Requirements for Azure Platform
Also they passing (…) several data securing audits:
• Australian Government Information Security Registered Assessors Program (IRAP)
• United Kingdom G-Cloud Australian Government IRAP
• Multi-Tier Cloud Security Standard for Singapore (MTCS SS 584:2013)
• HIPAA Business Associate Agreement (BAA)
• EU Model Clauses
• Food and Drug Administration 21 CFR Part 11
• Family Educational Rights and Privacy Act (FERPA)
• Federal Information Processing Standard (FIPS) 140-2
• Trusted Cloud Service Certification developed by China Cloud Computing Promotion and Policy Forum
(CCCPPF)
• Multi-Level Protection Scheme (MLPS)
39. Security Requirements for Azure Platform
ISO/IEC 27001:2005 Audit and Certification
ISO Scope: The following Azure features are in scope for the current ISO audit: Cloud Services (including
Fabric and RDFE), Storage (Tables, Blobs, Queues), Virtual Machines (including with SQL Server), Virtual
Network, Traffic Manager, Web Sites, BizTalk Services, Media Services, Mobile Services, Service Bus,
Workflow, Multi-Factor Authentication, Active Directory, Right Management Service, SQL Database, and
HDInsight. This includes the Information Security Management System (ISMS) for Azure, encompassing
infrastructure, development, operations, and support for these features. Also included are Power BI for
Office 365 and Power Query Service.
SOC 1 and SOC 2 SSAE 16/ISAE 3402 Attestations
Scope: The following Azure features are in scope for the current SOC 1 Type 2 and SOC 2 Type 2 attestations:
Cloud Services (includes stateless Web, and Worker roles), Storage (Tables, Blobs, Queues), Virtual Machines
(includes persistent virtual machines for use with supported operating systems) and Virtual Network
(includes Traffic Manager).
40. Security Requirements for Azure Platform
And of course requirements for Data Centers:
• Physical security of the data centers (locks, cameras, biometric devices, card readers,
alarms)
• Firewalls, application gateways and IDS to protect the network
• Access Control Lists (ACLs) applied to virtual local area networks (VLANs) and applications
• Authentication and authorization of persons or processes that request access to data
• Hardening of the servers and operating system instances
• Redundant internal and external DNS infrastructure with restricted write access
• Securing of virtual machine objects
• Securing of static and dynamic storage containers
41. SQL Server 2005 {9.0} NON-Compability
• Common Language Runtime (CLR) and CLR User-Defined Types
• Database Mirroring
• Service Broker
• Table Partitioning
• Typed XML and XML indexing is not supported. The XML data type is supported
by SQL Azure.
42. SQL Server 2008 {10.0} NON-Compability
• Change Data Capture
• Data Auditing
• Data Compression
• Extended Events
• External Key Management / Extensible Key Management
• FILESTREAM Data
• Integrated Full-Text Search
• Large User-Defined Aggregates (UDAs)
• Large User-Defined Types (UDTs)
• Performance Data Collection (Data Collector)
• Policy-Based Management
• Resource Governor
• SQL Server Replication
• Transparent Data Encryption
43. SQL Server 2008 R2 {10.50} NON-Compability
• SQL Server Utility
• SQL Server PowerShell Provider
• Master Data Services
SQL Server Management Studio does not support
Windows Azure SQL Database
in versions prior to SQL Server 2008 R2
45. SQL Server Security in the Cloud
• Same security principals like SQL Server on premise
• Full responsibility for DBA with Virtual Machine
• Partial responsibility for DBA with Azure SQL Database
• Automatic updates for Azure SQL Database
• New functionality implemented by Microsoft
• Some incompabilities with t-sql, functions, store procedures
• Increased security by default on Azure platform
46. SQL Server in Cloud: WASD vs VM
Choose Azure SQL Database, if:
• You are building brand new, cloud-based applications; or you want to migrate your existing SQL Server database to
Azure and your database is not using one of the unsupported functionalities in Azure SQL Database. For more
information, see Azure SQL Database Transact-SQL Reference. This approach provides the benefits of a fully managed
cloud service and ensures the fast time-to-market.
• You want to have Microsoft perform common management operations on your databases and require stronger
availability SLAs for databases. This approach can minimize the administration costs and at the same time provides a
guaranteed availability for the database.
Choose SQL Server in Azure VM, if:
• You have existing on-premises applications and wish to stop maintaining your own hardware or you consider hybrid
solutions. This approach lets you get access to high database capacity faster and also connects your on-premises
applications to the cloud via a secure tunnel.
• You have existing IT resources, need full administrative rights over SQL Server, and require the full compatibility with
on-premises SQL Server (for example, some features do not exist in Azure SQL Database). This approach lets you
minimize costs for development or modifications of existing applications with the flexibility to run most applications. In
addition, it provides full control on the VM, operating system, and database configuration.
47. Three Pillars of a Secure Hybrid Cloud
Environment
• Pillar One: risk assessment and management
• A definition of the risks that apply to various asset(s), based on their business
criticality.
• An assessment of the current status of each risk before it’s moved to the cloud.
Using this information, each risk can be accepted, mitigated, transferred or avoided.
• An assessment of the risk profile of each asset, assuming it has been moved to the
cloud.
• Pillar Two: policy and compliance
• Cloud providers need to understand that simply listing compliance certifications isn’t
sufficient. In line with the mantra of transparency explored in the previous point,
providers should take a proactive stance to sharing their security implementations
and controls.
Dimension Data often assists clients by providing them with a list of questions
that we believe they should be posing to cloud providers as part of the
evaluation process, to ensure they’re covering all the bases.’
48. Three Pillars of a Secure Hybrid Cloud Environment
• Pillar Three: provider transparency
• Governance: the ability of an organisation to govern and measure enterprise risk
introduced by cloud.
• Legal issues: regulations, and requirements to protect the privacy of data, and the security
of information and computer systems.
• Compliance and audit: maintaining and proving compliance when using the cloud.
• Information management and data security: managing cloud data, and responsibility for
data confidentiality, integrity and availability.
• Portability and interoperability: the ability to move data or services from one provider to
another, or bring them back in-house.
• Business continuity and disaster recovery: operational processes and procedures for
business continuity and disaster recovery.
49. Three Pillars of a Secure Hybrid Cloud Environment
• Pillar Three: provider transparency
• Data centre: evaluating any elements of a provider’s data centre architecture and
operations that could be detrimental to ongoing services.
• Incident response, notification and remediation: adequate incydent detection, response,
notification, and remediation.
• Application security: securing application software running on or developed in the cloud.
• Encryption and key management: identifying proper encryption usage and scalable key
management.
• Identity and access management: assessing an organisation’s readiness to conduct cloud-
based identity, entitlement, and access management.
• Virtualisation: risks associated with multi-tenancy, virtual machine isolation and co-
residence, hypervisor vulnerabilities, etc.
50. Recommendations
• Create a new role for an Information Manager who owns information
governance across (all SharePoint) environments
• Train and educate all stakeholders about risk and liability
• Assess the appropriateness of using SharePoint versus other document
management tools
• Define information governance policies for access, retention, archival, and
backup
• Automate risk controls
• Audit user and data activities
• Resources:
• Microsoft TechNet
• Microsoft MSDN
• Legal Sources for Compliance Requirements
52. links
• ISECOM (the Institute for Security and Open Methodologies)
• http://www.isecom.org/about-us.html
• OSSTMM (Open Source Security Testing Methodology Manual)
• http://www.isecom.org/research/osstmm.html
• Library of Resources for Industrial Control System Cyber Security
• https://scadahacker.com/library/index.html
• patterns & practices: Cloud Security Approach in a Nutshell
• https://technet.microsoft.com/en-us/ff742848.aspx
• Microsoft Azure Trust Center: Security
• http://azure.microsoft.com/en-us/support/trust-center/security/
• 10 Things to know about Azure Security
• https://technet.microsoft.com/en-us/cloud/gg663906.aspx
• Security Best Practice and Label Security Whitepapers
• http://blogs.msdn.com/b/sqlsecurity/archive/2012/03/07/security-best-practice-and-label-security-whitepapers.aspx
53. links
• Hello Secure World
• http://www.microsoft.com/click/hellosecureworld/default.mspx
• SQL Server Label Security Toolkit
• http://sqlserverlst.codeplex.com/
SQL Server Best Practices Analyzer
• Microsoft Baseline Configuration Analyzer 2.0
• http://www.microsoft.com/en-us/download/details.aspx?id=16475
• SQL Server 2005 Best Practices Analyzer (August 2008)
• http://www.microsoft.com/en-us/download/details.aspx?id=23864
• Microsoft® SQL Server® 2008 R2 Best Practices Analyzer
• http://www.microsoft.com/en-us/download/details.aspx?id=15289
• Microsoft® SQL Server® 2012 Best Practices Analyzer
• http://www.microsoft.com/en-us/download/details.aspx?id=29302
54. links
• Microsoft Security Assessment Tool
• http://www.microsoft.com/downloads/details.aspx?FamilyID=6D79DF9C-C6D1-4E8F-8000-
0BE72B430212&displaylang=en
• Microsoft Application Verifier
• http://www.microsoft.com/downloads/details.aspx?FamilyID=bd02c19c-1250-433c-8c1b-
2619bd93b3a2&DisplayLang=en
• Microsoft Threat Analysis & Modelling Tool
• http://www.microsoft.com/downloads/details.aspx?FamilyID=59888078-9daf-4e96-b7d1-
944703479451&DisplayLang=en
• How To: Protect From SQL Injection in ASP.NET
• http://msdn2.microsoft.com/en-us/library/ms998271.aspx
• Securing Your Database Server
• http://msdn.microsoft.com/en-us/library/aa302434.aspx
• Threats and Countermeasures
• http://www.microsoft.com/technet/security/guidance/serversecurity/tcg/tcgch00.mspx
55. links
• Configure Windows Service Accounts and Permissions
• https://msdn.microsoft.com/en-us/library/ms143504.aspx#Network_Service
• Select an Account for the SQL Server Agent Service
• https://msdn.microsoft.com/en-us/library/ms191543.aspx
• Server Configuration - Service Accounts
• https://msdn.microsoft.com/en-us/library/cc281953.aspx
56. azure resources: security
• Azure Security: Technical Insights
• Security Best Practices for Developing Azure Solutions
• Protecting Data in Azure
• Azure Network Security
• Microsoft Antimalware for Azure Cloud Services and Virtual Machines
• Microsoft Enterprise Cloud Red Teaming
• Microsoft Azure Security and Audit Log Management
• Security Management in Microsoft Azure
• Crypto Services and Data Security in Azure
57. azure resources: security & privacy
• Business Continuity for Azure
• Understanding Security Account Management in Azure
• Azure Data Security: Cleansing and Leakage
• Scenarios and Solutions Using Azure Active Directory Access Control
• Securing and Authenticating a Service Bus Connection
• Azure Privacy Overview (PDF)
• Azure Privacy Statement
• Law Enforcement Request Report
• Protecting Data and Privacy in the Cloud
58. azure resources: compliance & more
• Response to Cloud Security Alliance Cloud Controls Matrix (DOC)
• Azure HIPAA Implementation Guidance (PDF)
• Azure Customer PCI Guide (PDF)
• The Microsoft Approach to Cloud Transparency (PDF)
• Microsoft Trustworthy Computing
• Operational Security for Online Services Overview (PDF)
• Data Classification for Cloud Readiness
• CISO Perspectives on Data Classification (PDF)
• An Introduction to Designing Reliable Cloud Services (PDF)
• Deploying Highly Available and Secure Cloud Solutions (PDF)
59. azure resources
RESOURCE DESCRIPTION
MSDN: Azure SQL Database
MSDN: SQL Server in Azure
Virtual Machines
Azure.com: Azure SQL Database
Links to the library documentation.
Azure SQL Database and SQL
Server -- Performance and
Scalability Compared and
Contrasted
This article explains performance differences and troubleshooting
techniques when using Azure SQL Database and SQL Server running on-
premises or in a VM.
Application Patterns and
Development Strategies for SQL
Server in Azure Virtual Machines
This article discusses the most common application patterns that apply to
SQL Server in Azure VMs and also hybrid scenarios including Azure SQL
Database.
Microsoft Enterprise Library
Transient Fault Handling
Application Block
This library lets developers make their applications running on Azure SQL
Database more resilient by adding robust transient fault handling logic.
Transient faults are errors that occur because of some temporary
condition such as network connectivity issues or service unavailability.
Since Azure SQL Database is a multitenant service, it is important to
handle such errors to minimize any application downtime.
60. credits
• Yes, 123456 is the most common password, but here’s why that’s misleading
http://arstechnica.com/security/2015/01/yes-123456-is-the-most-common-password-but-heres-why-thats-misleading/
• CIO’s are Listening, Security is Important…
https://communities.intel.com/community/itpeernetwork/blog/2014/05/20/cio-s-are-listening-security-is-important