Securing SQL Server from inside-attacks
In this presentation Ralf Dietrich and Andreas Wolter will assume the role of the DBA/DBDev and an external consultant. Playing through different scenarios, the external consultant will resort to all kinds of tricks to access data in a supposedly properly arranged database environment, which was actually not intended by the DBA/DBDev. Of course, he will then have the chance to fix this gap. The match is repeated on different levels with different scenarios until a desirable condition is reached. This session holds in store surprising insights even for experienced administrators, covering topics from schema ownership implication to best practices for user-permissions, while administrators may still allow the external consultants to do all necessary work.
SARPEDON Quality Lab
Sr Technical Consultant
Andreas Wolter (MCT, MCITPDD, MCITPBID, MCITPDA, MCDBA, MCSA) has been working since a decade with SQL Server, holding professional classes or developing at customers sites. With his company SARPEDON Quality Lab (http://www.SarpedonQualityLab.com) he specializes in the development and optimization of database-systems and data warehouse-environments, with security being particularly close to his heart. Visit his blog at http://www.vb-magazin.de/forums/blogs/andreaswolter
data platform architect
Following his studies, Ralf Dietrich has been working as a database & datawarehouse architect, strategy consultant and trainer for more than 12 years. In various work environments, he got to know VLDB installations as well as system critical implementations, which he now helps improve by redesigning complex and/or big installations for performance and better workflows. Currently working on a very big migration project with terrabytes of data and dozens of sql server. After sql work his focus is in playing with his 5 kids, managing his company and community development as PASS board advisor in Germany as chapter leader in Saxony.
Register Now for PASS Summit 2010!