SQL Security Fundamentals with PASS' VC Fundamentals

6/9/2016

For HushHush, the month of June was full of PASS Virtual Chapter Presentations.
On June 10th, HushHush presented on the fundamentals of SQL Server Security. For those of you who missed the event, here is the link to the recording: VC Fundamentals YouTube Channel
A total of 275 people attended the session. On the agenda:

1. Security / Compliance Correlation
   a. What is security? What is compliance?
   b. What do you mean – Risk Assessment?
2. Risk assessment – understanding risks
   a. Definition of the CIA triad
   b. HIPAA Security Rule – you define the rules, PCI – “they” define the rules
   c. Where is the DBA in the picture?
3. Security framework: Matryoshka of security
   a. Threat classification: external / internal / naive
   b. Security prevention framework
4. Four ‘Who?’s
5. Passwords – ISO and beyond
6. Encryption/Masking
7. SQL Injection