Infrastructure at your Service


Security Archives - Blog dbi services

Christian Weinfurtner

Oracle 21c: Blockchain Tables

By | Database Administration & Monitoring, Database management, Entreprise content management, Oracle | No Comments

Oracle Blockchain Tables With Oracle Database 20c/21c the new feature Oracle Blockchain Tables has been introduced. Blockchain Tables enable Oracle Database users to create tamper-resistant data management without distributing a ledger across multiple parties. Database security can be improved by using Blockchain Tables to avoid user fraud and administrator fraud as well. One of the main characteristics of Oracle Blockchain Tables is that you can only append data. Table rows are chained using a cryptographic…

Read More
Mouhamadou Diaw

Oracle 21c Security : Gradual Database Password Rollover

By | Database Administration & Monitoring, Database management, Oracle, Security | 5 Comments

Starting with Oracle 21c, a password of an application can be changed without having to schedule a downtime. This can be done by using the new profile parameter PASSWORD_ROLLOVER_TIME This will set a rollover period of time where the application can log in using either the old password or the new password. With this enhancement, an administrator does not need any more to take the application down when the application database password is being rotated….

Read More
Burgert Daniel

Increase your PostgreSQL databases security by checking a few settings Part 2

By | Database Administration & Monitoring, Postgres, Security | No Comments

Continuing from my first blog we will check some more access and authentication configurations. Focusing on removing unnecessary database privileges. After that we will configure the backend parameters correctly to have more robust PostgreSQL server/client sessions. And at last SSL encryption for these sessions will be configured.

Read More
Stéphane Haby

SQL Server Tips: Orphan database user but not so orphan…

By | Database Administration & Monitoring, Database management | No Comments

Beginning of this year, it is good to clean up orphan users in SQL Server databases. Even if this practice must be done regularly throughout the year of course. 😉 During my cleaning day, a new case appears that I never had before and enjoy to share it with you. To find orphan database-users, I use this query: SELECT *FROM sys.database_principals a LEFT OUTER JOIN sys.server_principals b ON a.sid = b.sid WHERE b.sid IS NULL…

Read More
Microsoft Team

Using non-root SQL Server containers on Docker and K8s

By | Database Administration & Monitoring, DevOps, Docker, Kubernetes, SQL Server | No Comments

This is something that I waited for a while, in fact since SQL Server 2017 … and the news came out on Wednesday 09th September 2019. Running Non-Root SQL Server Containers is now possible either on the next version of SQL Server (2019) and it has been backported on SQL Server 2017 as well. Non-root SQL Server containers will likely be part of hidden gem of SQL Server new features, but this is definitely a…

Read More
Dominique Althuser

Email Spoofing

By | Security | No Comments

Have you ever had this unhealthy sensation of being accused of facts that do not concern you? To feel helpless in the face of an accusing mail, which, because of its imperative and accusing tone, has the gift of throwing us the opprobrium? This is the purpose of this particular kind of sextortion mail that uses spoofing, to try to extort money from you. A message from a supposed “hacker” who claims to have hacked…

Read More
Nathan Courtine

Transparent Data Encryption – Certificate in master database: is it really a good practice?

By | Database Administration & Monitoring | 6 Comments

As encryption solution in SQL Server, Transparent Data Encryption (TDE) is simple and quick to set up. That’s why this is a common encryption mechanism. TDE encrypts data with a certificate at the page level, before SQL Server writes on the disk. It is supposed to protect your environment from some scenarios, where SQL Server files (backups or data) are stolen. By default the certificate used for encryption is stored in the master database. But…

Read More
Stéphane Haby

SQL server security pre-conference @SQL Pass Summit 2018 in Seattle

By | Database Administration & Monitoring, SQL Server, Technology Survey | No Comments

After long hours of flights, Christophe Cosme and I finally arrived in Seattle at the SQL PASS Summit 2018. We picked up our badge and bag and now we are ready to begin… This first day for me started with the pre-conference about SQL Server Security with Denny Cherry. Many topics were discussed like: Network Designs (such as public IP vs. Private IP) Firewall configurations (such as Network Design between Public network, Internal network and…

Read More