Editorials

Good Suggestions for Security

by Ben Taylor

Featured Article(s)
Risk Management — Prevention is better than cure [Part II]
We have had a look at Risk Management in the earlier part of this series. This is the concluding part of this series of my articles on Risk Management and discusses the activities involved in the Risk Management process and the roles and responsibilities of a Risk Manager.

Working with or Supporting Sharepoint?
If you are, make sure you get the free training from AppDev. They’re providing step-by-step instruction and include a learning module, so you’ll be on your way and know how to get started. Lots of materials included and you can see just how quickly you can learn about getting going with SharePoint Server 2007. Get more information here.

Good Suggestions for Security
I mentioned security for your data yesterday, specifically adding the metadata type bits to your planning. A few people wrote in with some additional thoughts and ideas – wanted to pass along a couple of really great suggestions as you consider just how to attack the protection of your systems.

First, one person pointed out that a lot of times, the source code is overlooked as needing to be protected as well. Great point. The source code for the applications you’re developing necessarily contains all sorts of information and access points to your data. Make sure those that need access have it, and that those that don’t need access, don’t.

Second, another person wrote in an suggested setting up ABuse cases, as compared with use cases. Call a meeting, look at the different ways information can be used, then look for the holes. The tags, the classifications, the summary, the reports – where does the data become vulnerable. This is one for technical folks as well as users and managers. You want to think about as many ABUSE cases as possible so you can consider what needs to be protected and what can be ignored safely.

Drop me a note if you have ideas and approaches that have worked (or NOT worked…)

Featured White Paper(s)
The SQL Server Utility: A Highly Available, Flexible, Simple Approach to SQL Server Consolidation
The success of SQL Server in recent years has produced a phenomenon of SQL Server sprawl—the uncoordinated deployment of ten… (read more)

Creating an Enterprise Level Acceptable Use Policy for the Internet
Internet access has become a critical factor in the success of most companies and organizations around the world. Everyday, m… (read more)

Designing Executive Dashboards
Dashboards are a “must have” for today’s business executive – yet creating one is no small task. You must transform complex d… (read more)

Comparing XBRL vs. XML
One of the first questions many people ask about XBRL is how it is different than XML? While XBRL is XML, there are differenc… (read more)

Entity Extraction Enables Discovery
A discovery search is one in which you don’t know, or can’t know, all relevant search terms. Automated entity extraction le… (read more)

Tags:
Author: Ben TaylorBen is a Relational Database veteran starting in the early eighties on DEC Vax database systems such as Bloom and Harvest. He has specialized in SQL engines for more than two decades, with a primary focus on Microsoft SQL Server. Ben has worked with small and large databases for both OLAP and OLTP working on systems for many industries such as Medical (Medical Claims and Eligibility Warehouse, HMO Provider Management, Enrollment), Financial (credit card processing, mortgage, stock portfolio management), Manufacturing (Assembly Line and Product Assemblies), Sales, Auto Auctions and more.