Surface Area Configuration Audit

The Surface Area Setup Microsoft has built an incredible number of excellent features into SQL Server over the years, vastly increasing the surface area of possible vulnerabilities. Some of these features can be both a…

Data Masking is not enough to protect personal information from prying eyes!

Data Masking is the process of either obfuscating or replacing personally identifying information with meaningless data that cannot be used to identify the items being masked. The data masking process is frequently used to alter…

Internet access to your SQL Server?

Occasionally I see questions on dba.stackexchange.com where it appears the SQL Server is exposed directly to the Internet, allowing remote connections. This is very bad. In this post, I provide some reasons why. First, it…

Vulnerability Assessment recommends disabling Remote Admin Connections

SSMS 17 has the handy ability to run quick Vulnerability Assessments against your database. One of the Vulnerability Assessment checks looks to see if the Dedicated Administrator Connection, otherwise known as the “DAC”, is enabled…