 | | The Complete Weekly Roundup of SQL Server News | | Hand-picked content to sharpen your professional edge |
|
Secure Enclave Concerns We worry about security as data professionals. It's a constant issue, though it seems that so many of the data breach issues come from simple mistakes. We have lots of automation, configuration as code, and more. These days we should have a protocol and automated process for setting up systems, file shares, and other ways of allowing others to access data. Awhile back we had attacks against hardware (Meltdown and Spectre), which required patches to systems to secure them. This was disruptive, but I haven't seen any widespread security issues as a result of these flaws. Many systems were patched, though it's entirely possible that there have been exploits. In a report this week, researchers have found a way to read data in the secure enclaves of some chipsets. That's disconcerting because lots of secure software counts on the Intel Software Guard Extensions (SGX) protecting data. This is part of the Always Encrypted enhancements in SQL Server 2019, which I was happy to see added. These are supposed to help ensure you can protect data, even if you don't have control of the physical machine, which is common in hosted and cloud scenarios. A new exploit could be a problem. Intel says it's not, but they have an interest in saying that. The research looks complicated, and I could certainly see this is hard to do, but attacking a large environment, like a cloud subscription, might be something hackers try. Even if they aren't successful, there may be performance issues with SGX calculations from a software patch. The point of this piece isn't to alarm you. Likely this is more speculative than reality, but you should be aware there are potential issues. Encryption and security are complex topics, and I'm hoping Intel and Microsoft (and others) come up with better protections and mitigation for the issue. However, ultimately it's up to us tech professionals to understand what possibilities there are and ensure we are taking every precaution we can. Steve Jones - SSC Editor Join the debate, and respond to the editorial on the forums |
| The Weekly News | | All the headlines and interesting SQL Server information that we've collected over the past week, and sometimes even a few repeats if we think they fit. |
| Vendors/3rd Party Products |
New release: SQL Monitor 10 SQL Monitor 10 has landed! You can now integrate SQL Monitor alerts with your ticket management system, so chosen alerts are automatically raised as tickets. New suppression options give you granular control over what alerts are raised during specific times, such as maintenance windows. And, you can now annotate the server activity graph with specific events, so you can measure their impact on your servers. Discover the new features |
17% of Enterprise respondents in this year's State of Database DevOps survey reported that DevOps has been adopted across all projects in their organization. This year’s State of Database DevOps report gave us some great insights into the landscape of Database DevOps. Kendra Little walks us through those insights specific to Enterprise organizations. |
The default collation for SQL Server is a pretty b... |
The other day, I had a very interesting conversati... |
This article has just shared multiple tools to help you become more acquainted with the Query Store! This acquaintance is coming via an extremely powerful tool called Extended Events.... The... |
In this blog today, I would share my understanding of the message “This instance of SQL Server has been using a process ID of" First appeared on SQL SERVER –... |
Wouldn’t it be great to just quickly and easily ... |
This month’s T-SQL Tuesday invitation comes from... |
This month’s T-SQL Tuesday blogging party is brought to you well by me and I wanted to talk more about Query Store. I did write a book on it... The... |
Today is T-SQL Tuesday #124 and I’m dropping a q... |
This month’s T-SQL Tuesday is hosted by Tracy Boggiano. Tracy invites us all to write about adopting Query Store. Today, I wanted to share my favorite but a very... The... |
A few months back I moved my CI/CD (Continuous Integration/Continuous Development) to Azure DevOps for free. You get 1800 build minutes a month FREE and I'm not even close... |
Yesterday, I posted about how to get local date an... |
| Career Growth and Certifications |
You’re new at this working from home thing, and you’re trying to put Game of Thrones up on a second monitor while you work? Listen, that’s not gonna play... |
This is a summary of potential resources for any t... |
@william_a_dba what did it take to become a MVP??... |
I’ve been working remotely for just over 2 years... |
| Computing in the Cloud (Azure, Google, AWS) |
Microsoft is gradually introducing multifactor authentication (MFA) for all organizational accounts in Azure Active Directory. In this article, I look at the new Security Defaults setting and how to... |
For most organizations, migrating to the cloud happens in four broad phases. First, there’s the opportunistic phase: skunkworks projects and new systems start to use public cloud, with or... |
| Conferences, Classes, Events, and Webinars |
Microsoft has announced that its developer confere... |
I just finished removing the latest appointment to... |
Join us on Tuesday March 31, 4-5pm BST / 10-11am Central for this live webinar: The role of the DBA is evolving, with automated builds, cloud and DevOps being the new A,B,C,Ds in the day to day management of databases, you need to up-skill and learn about Database Reliability Engineering. |
On Thursday March 24, 3-4pm GMT / 10-11am Central join us live with Microsoft MVP Grant Fritchey as he discusses database DevOps in Financial Services with our panel of industry experts. They will explore the similarities and differences in their experiences of DevOps and how that looks for Financial Services in today’s landscape. |
| Data Privacy, Compliance, and GDPR |
Click to learn more about author Chris Mullaney. T... |
FERPA is probably not in anyone's top 100 concerns right now, but it still exists. |
In the early days and weeks of any widespread global health concern, particularly in a fast-moving outbreak like the coronavirus, there are many unknowns. Data visualization can be a... |
| DevOps and Continuous Delivery (CI/CD) |
The world today is suffering from the advent of a new disease, COVID-19. Now, all is not doom and gloom, and there is absolutely no reason for any kind... |
| ETL/SSIS/Azure Data Factory/Biml |
A couple friends recently contacted me trying to s... |
Click to learn more about author Chirag Shivalker. Today there is harsh competition in the market for companies to grow and even to survive. Data is the most important... |
Intel today published a new Product Change Notification today stating that it has started using an additional Assembly, Test, and Finish site to build its mobile Comet Lake CPUs. In... |
Today, most organization are using solid-state drives for everything from laptops to enterprise database storage and virtual machines. In this article, Robert Sheldon explains how NAND flash solid-state drives... |
COALESCE is a DAX function introduced in March 2020. This article describes the purpose of COALESCE and how to simplify DAX expressions by removing verbose conditions, and yet obtain... |
Attackers got a head start when critical SMBv3 fla... |
The biggest Patch Tuesday in the company's history, this month Microsoft fixes 115 bugs. There's also a security advisory for a critical bug in SMBv3 and a patch for... |
Don't waste limited local bandwidth on VPNing remote users' Office365 traffic. |
| Performance Tuning SQL Server |
Say we have a stored procedure that has two queries in it – the second query uses a recompile hint, and you might recognize it from my parameter sniffing... |
One of the things I love about SQL Server is that during query plan compilation, it takes a moment to consider whether an index would help the query you’re... |
Let us talk about how we were able to reduce tempdb recompilation with Fixed Plan while working on Comprehensive Database Performance Health Check. First appeared on SQL SERVER – Reducing... |
| PowerPivot/PowerQuery/PowerBI |
My colleague David Eldersveld recently wrote a blo... |
In my last post I showed how to connect SQL Server Profiler up to a Power BI Premium dataset but I didn’t give you any examples of why this... |
Power BI drill down default behavior may not be wh... |
A common topic I have been discussing recently with customers is the security around Power BI. Basically, how to prevent users seeing data they shouldn’t. So I’ll discuss the... The... |
I have delivered Power BI training at a number of universities over the last 6 months, and a few of the participants asked me the same question. “What is... |
Join us live as we talk about Power BI gateways! T... |
Learn to configure your Power BI Aggregations tabl... |
| Product Reviews and Articles |
Richard Macaskill shows how to use Docker Compose to get SQL Data Catalog up and running in a container, in your SQL Server test lab, and then use it... |
Not only are SQL Monitor Groups probably the neatest and most maintainable way of ensuring that all your SQL Servers have the best possible configuration of alerts, but they... |
| Product Upgrades and Releases |
David Smith takes a look at R 3.6.3: On February 29, R 3.6.3 was released and is now available for Windows, Linux and Mac systems. This update, codenamed “Holding…Continue readingR 3.6.3 Now Available |
Just when you thought it was secure again, Intel's digital vault falls to a new attack. |
This is bad in several dimensions. The Los Angeles Department of Water and Power has been accused of deliberately keeping widespread gaps in its cybersecurity a secret from regulators... |
This is one of several posts on modernizing T-SQL code with new features and functionality available in SQL Server. |
I often need to calculate a day number in a month. For example, I need to work out the 3rd Tuesday of a month, or the 4th Friday, and... |
I regularly need a list of countries in drop-down lists, etc. To make that easy, in our free SDU Tools for developers and DBAs, we added a tool to... |
Continuing his treatment of NULLs in SQL Server, Itzik Ben-Gan covers how SQL Server's implementation of unique constraints differs from the standard, and how you can work around it. The... |
A trip from Ohio to Florida in the American-made supercar. |
We were there, and here’s a bunch of pictures from the ribbon cutting ceremony. |
| Virtualization and Containers/Kubernetes |
By default, the vSphere vCenter deployment contain... |
  | This email has been sent to {email}. To be removed from this list, please click here. If you have any problems leaving the list, please contact the webmaster@sqlservercentral.com. This newsletter was sent to you because you signed up at SQLServerCentral.com. Note: This is not the SQLServerCentral.com daily newsletter list, and unsubscribing to this newsletter will not stop you receiving the SQL Server Central daily newsletters. If you want to be removed from that list, you can follow the instructions on the daily newsletter. |
|
|
