Adding enhanced password constraints to SQL Server

In my prior posts on applying PCIDSS standards to protect your company’s data I showed how a DDL trigger (FOR LOGON) may be used to enhance logon security. In this post I will look at a different pattern to improve password constraints. In this post I will…


Temporal constraints on Login in SQL Server

In my prior posts on applying PCIDSS standards to protect your company’s data I showed how a DDL trigger (FOR LOGON) may be used to enhance logon security. In this post I will look at using the same DDL trigger (FOR LOGON) with some additional tables to…


Best Practices Analyzer Exceptions expected for Dassault Systèmes ENOVIA

If you run the SQL Server 2005/2008R2 Best Practices Analyzer (see my prior post) on Dassault Systèmes ENOVIA or SmarTeam, the BPA report might show the exception shown below. Do not correct it – this is by design and you should click [Exclude this Result]. For any other exception, correct it or document the…


Best Practices Analyzer Exceptions expected for PTC’s Windchill

If you run the SQL Server 2005/2008R2 Best Practices Analyzer (see my prior post) on a PTC Windchill installation, the BPA report might show the exception shown below. Do not correct it – this is by design and you should click [Exclude this Result]. For any other exception, correct it or document the reason for the…


SQL Server Security – Additional Resources

The intellectual property (IP) stored on SQL Server in your PLM may be your firm’s greatest asset. Its value is more than credit card records (credit cards can be cancelled if lost, IP can’t). It is equivalent to a state secret for your firm. The logical solution is not to try…


Expiring sessions after 15 minutes on SQL Server

In my prior posts on applying PCIDSS standards to protect your company’s data I showed how a DDL trigger (FOR LOGON) may be used to enhance logon security. In this post, I will look at a solution that works by executing a stored procedure every few minutes….


Adding failed SQL Server Logon Support to a PLM SQL Server

In my prior post on securing PLM systems (Enovia and Windchill) I cited that SQL Server does not disable accounts after N failed attempts, allowing a malicious agent to do a brute force attack on a known account like “sa”. In many cases, just walking a list…


Best Practices Analyzer for ISV SQL Servers to protect your company’s property

Intellectual property (IP) or other valuable information may be stored on SQL Server in your ISV product. Its value is more than credit card records (credit cards can be cancelled if lost, IP can’t). It may be the equivalent of a state secret for your firm. Microsoft provides two versions of its free Best Practices…


Improving SQL Server Security to PCIDSS Standards

Author: This article is written by our contributing author Ken Lassesen. His bio can be found here. I am a standards-based person and prefer to adopt existing best practices. When I work in the roles of Product Manager or Architect on…


How Important Is Your Data? (Mini-Lab Part 2/2)

In Part 1 of this 2 part Mini-Lab series we looked at setting up TDE (Transparent Data Encryption) for a database and backing it up. In Part 2 we’re going to discuss restoring a database (that has TDE enabled) to a different instance as well as disabling and removing TDE if desired. RESTORING…
