Get Rid of Deadlocks

Locks are used by relational database management systems to increase user concurrency (more users) while guaranteeing data consistency. A deadlock is when two locks interfere with each other, and is caused by one process locking a row, page, partition, or table while it waits for another row, page, partition, or table to become available, but the one it’s…

The Database STIG’s System Security Plan

The Database STIG requires a written System Security Plan, and it’s the responsibility of the Information Assurance Officer (IAO) to create it (see section 3.1.9 below). Although the DBA doesn’t create it, the DBA can advise the IAO, and the DBA is required to maintain compliance with the security plan. The following excerpts are from…

Securing SQL Server Integration Services (SSIS)

I was recently asked about securing SQL Server Integration Services, and I knew next to nothing about it. After digging in for a while, here are my notes, mostly for myself, but shared in case they might help someone else. There are 3 areas that need to be secured: the SSIS Engine, SSIS Packages, SQL Server…

SQL Server and PowerShell Security

Sometime back, I heard that Microsoft was going to start using PowerShell scripts to monitor and optionally enforce security standards in SQL Server configurations, such as in the Microsoft Security Compliance Manager (SCM). I knew little about PowerShell, but right away I had a serious concern about whether or not requiring the use of PowerShell…

Separation of Duties for DBA’s

Someone recently asked me about the principle of separation of duties (aka segregation of duties) as it applies to SQL Server DBA’s, and I thought that would make a good topic for this blog, so here goes… The idea of separating duties in general is to prevent a single person from being able to complete…

SQL Server, the DoD, and Common Criteria

Common Criteria is an international standard for a set of security characteristics, and the U.S. Department of Defense (DoD) Database Security Technical Implementation Guide (STIG) (via the Security Readiness Review for SQL Server) requires it to be enabled. (See DG0084.) You can turn it on by using sp_configure (“common criteria compliance enabled”) or by using SQL Server…

Free SQL Ranger Training

When I first heard about “SQL Rangers” I wasn’t sure what it was, but I definitely wanted to be one. Just ’cause it sounded so cool. Basically, it was an early name for what later became Microsoft Certified Masters, which was the highest level of certification. Over time, the Master certification program expanded and evolved,…

Conditionally Updating Statistics

SQL Server’s query optimization engine uses statistics on indexes to determine the most efficient execution plans. By default, SQL Server automatically updates statistics, but sometimes the automatic processes don’t update them soon enough, so there are multiple ways to force them to update to help keep your queries running as efficiently as possible. The main…

PFE vs. Consultant

Well, it’s almost the end of June and none of my draft posts are close enough to finishing to meet my self-imposed standard of at least one post per month. So, here’s a pathetic little human-interest post. Microsoft has a Services group which provides a variety of support personnel to customers. Customers pay for this…

Test SharePoint Mirror Without Down-Time

Here’s a SQL Server PFE war-story to give one example of the kind of work we might do. Most of the customers I support run SharePoint services, and they use a variety of methods to provide disaster recovery capabilities. One method involves SQL Server’s Database Mirroring capability to maintain a copy of the data at…
