Security

Learn how to use PowerShell to create SQL Server logins across numerous SQL Server instances with an Excel input file with the instance and login parameters.

Learn how to setup a default schema for a Windows Group in SQL Server as well as identify groups without a default schema.

In this article we will show how to use Visual Studio and SQL Server Data Tools to compare SQL permissions.

Learn about the best practices to secure the SQL Server sa account to avoid security issues.

Learn how to grant user access to all SQL Server databases with both SSMS and T-SQL scripts.

I have read part 1 and part 2 of your tip series and the tips are great. I have a large environment with numerous SQL Server databases where I need to clone logins. How can I automate this code to save time and ensure accuracy?

Learn how to clone a SQL Server login this second part of this series.

I read the PCI DSS document and found a lot of different requirements. Could you please help me to find the SQL Server DBA best practices related to PCI?

In a previous tip we looked at how to generate a random password. In this tip we look at another approach of generating a random password based on a list of words. Check out the tip to learn more.

How can I use T-SQL to generate a random password in SQL Server that meets my organization's password requirements?

I need to create a login for my SQL Server and assign it the correct permissions. I already have another login which has the exact permissions I want. Is there a way I can clone the login that has all the permissions?

I want to prevent developers from attempting to log into production databases using application logins (and to log any such attempts). I want to know if there is a more elegant way to do this without letting the user know it was prevented by a trigger.

I was asked to catalog all the port information for our SQL Servers and I'm looking to automate things, or at least gather the information without logging on to each server. In this tip we look at how this can be done.

MSSQLTips.com recently hosted a webinar on monitoring, securing and protecting SQL Servers in Amazon Web Service's (AWS) RDS environment. The webinar was followed by a Q and A session where attendees had the opportunity to post their questions. This tip t

PCI DSS has strict requirements about implementing security updates and using only applications which are supported by the vendors. In this tip we cover creating a patching policy for SQL Server.

One important task as DBA is to manage security in our database server environments. Part of this is to administer the permissions for each user in each database. Sometimes there are orphaned Users (no login exists for the user) in a database and we may w

I tried to configure SSL encryption for my Microsoft SQL Server, but it does not work properly. Could you please help me identify the root cause of the issue?

Security is becoming more and more of a concern these days. In some shops, the path of least resistance is to give developers system admin access to instances of SQL Server. It is often a better choice to tighten things up a little more than that - only g

I occasionally see people troubleshooting some problem in Windows, where the only information they have is the Windows SID. Trying to map that to the SID belonging to a login or group in SQL Server is difficult. In this tip I show a function that can be

I heard that certain SQL Server security requirements can be fulfilled by module signing. Could you please explain the purpose of module singing and provide an example in SQL Server?

Following the webcast on protecting confidential data, a few viewers asked excellent questions unrelated to RegEx and the below provide some approaches as answers to these questions.

In our extract, transform, and load (ETL) processing, we have some sensitive files and folders. Files containing financial information, as well as configuration files and the like, are stored on disk. We need to know if someone touches them. Is there a wa

It's a common task that DBAs need to drop SQL Server logins after a user leaves a company or some business scenario changes. Usually this is not a big task, but in a worst case scenario the SQL Server login may have database user accounts in multiple data