Security

Increase your PostgreSQL databases security by checking a few settings Part 2

Continuing from my first blog we will check some more access and authentication configurations. Focusing on removing unnecessary database privileges. After that we will configure the backend parameters correctly to have more robust PostgreSQL server/client sessions. And at last SSL(…)

Increase your PostgreSQL databases security by checking a few settings

This blog provides you with a short overview of easy to control settings that enhance your PostgreSQL security. Mostly by creating a separate group to assign privileged database members. And checking different logging and log rotations settings for better and(…)

SQL Server Tips: Orphan database user but not so orphan…

Beginning of this year, it is good to clean up orphan users in SQL Server databases. Even if this practice must be done regularly throughout the year of course. 😉 During my cleaning day, a new case appears that(…)

Using non-root SQL Server containers on Docker and K8s

This is something that I waited for a while, in fact since SQL Server 2017 … and the news came out on Wednesday 09th September 2019. Running(…)

Email Spoofing

Have you ever had this unhealthy sensation of being accused of facts that do not concern you? To feel helpless in the face of an accusing mail, which, because of its imperative and accusing tone,(…)

Documentum CS 7.* – 777 permission on jobs log

A few weeks ago at a customer, our team was involved in a security control. We tracked files with 777 permission and we detected that logs generated by Documentum jobs have 777 permissions.

Transparent Data Encryption – Certificate in master database: is it really a good practice?

As encryption solution in SQL Server, Transparent Data Encryption (TDE) is simple and quick to set up. That's why this is a common encryption mechanism. TDE encrypts data with a certificate at the page level, before SQL Server writes on(…)

SQL server security pre-conference @SQL Pass Summit 2018 in Seattle

After long hours of flights, Christophe Cosme and I finally arrived in Seattle at the SQL PASS Summit 2018. We picked up our badge and bag and now we are ready to begin… This first day for me(…)

SQL Server Tips: Drop a database-user attached to a service…

Few weeks ago, I have a little issue when I try to drop a database-user without login Unfortunately, I do a little mistake at the beginning… I receive like every morning a report if all AD logins (computers, groups,(…)

SQL Server Security: Are your databases ready for the GDPR?

The GDRP (General Data Protection Regulation), voted in 2016, will be applied in the European Union soon (May 25, 2018). We heard a lot of this new directive. The goal is to improve the protection and confidentiality of personally(…)