Archive for March, 2010

Up to Date on Your Skills?

Posted: March 30, 2010 in Uncategorized

One of the most common questions I get asked is how does one become a DBA or get into another technical field? Or I am asked how do we keep up with technology with everything we have going on? Then end result is with all the new features that are coming out it is difficult to become an expert in each of these areas. Not every company is going to use every feature of the new release, but what do you do when you need to know how that feature works…

I am very active with Conferences, I try to read a lot of blogs and books.

One event that is coming up just around the corner that you could use as prep for Tech Ed is the SSWUG Conference. You do this one on-line and it is just like watching T.V. You get to access to 80 + Sessions. There is a discount for signing up early and if you use this VIP Code (CSHAWSPVC10) you can get another $30.00 off. Check out what they have for the speakers. All the information can be found here.

If you are in Denver or even the Colorado Area be sure to keep an eye on the blog here or watch the local User Group emails. We have some really exciting news for you on an extra special event that may be here in June.

SSWUG.ORG Presents our Spring ’10 Ultimate Virtual Conference

Featuring SQL Server, Business Intelligence SharePoint and integration with .NET technologies.

Top industry speakers, outstanding content, New live session track, extended sessions and more – 84+ sessions – over three days.

What Can You Expect?

It’s Our 7th Virtual Conference…ALL NEW CONTENT, new faces, continued focus on real-world, how-to information, tips and tricks!

Current early bird rate: $190 includes ALL content – sessions, live tracks, Q&A, on-demand and much more (see below).

Incredible presentations, interaction with speakers, chat with other attendees, make new contacts, lots of fun and surprises.

  • More than 80 technical sessions
  • These are NOT sales presentations.
  • Live keynote presentations and interaction
  • On-Demand access to sessions for 45 days – miss a session? No problem.
  • Chat, Twitter Integration, SKYPE integration for Q&A
  • Experience-based learning – find out what you need to know from people that are using the technology every day
  • 6-Month SSWUG.ORG Membership (or membership extension), included!
  • ALL-ACCESS Pass: SQL Server and Business Intelligence… SharePoint and .NET technologies – all included, one low price
  • Great vendor hall – learn about the best tools, technologies, publications and partners out there for your shop
  • Learning, learning and more learning

vConference Alumni, those who have attended any prior SSWUG.ORG Virtual Conferences, always save an additional $10 when registering.

Check out the session schedules as we update them – amazing content. Click here.

Our surveys reveal that 94% of attendees gained knowledge they could use immediately, and 99.5% said they would recommend a SSWUG.org Virtual Conference in the future.

Group registrations are also available at a discount. Contact Member Services at members@sswug.org for the group registration form. Get the group registration form.

HyperGate or Red Bac?

Posted: March 26, 2010 in Uncategorized

I am really surprised that we have not heard more news about this.

http://www.red-gate.com/about/news/hyperbac.htm

So here is the scoop the way that I understand it. Red Gate a company that is well known for the SQL Tool Belt with products such as SQL Compare also has a really solid backup compression tool. This tool simply called Red Gate SQL Back Up. Red Gate also makes tools for the Exchange and .NET.  The SQL Backup tool they created worked with SQL Server and had its own User Interface. So if you want to use the product your best bet to keep it simple was to use the UI they supply and create your maintenance plans there. I have used the tool for a number of years with a number of my clients and never had any issues with the product. With full disclosure I am a “Friend of Red Gate”.

HyperBac is relatively new company, but if you look closer at the people involved you may see a name like Jeffery Aven. Jeffery is, If remember correctly worked on another backup compression product a number of years ago. So it appears that even though HyperBac may not have been around for the last 15 years, some of the key players have been. I can also tell you that I have had the opportunity to work with the HyperBac tool and Jeffery on a production database as well.

I was pleasantly surprised when I saw that the tool sits between the SQL Server and the disk drives. One of the very pleasant fringe benefits of a tool like this is that it has been designed to work with the native back up extensions. So if you have a complex or simple maintenance plan on your servers and you install HyperBac the result is that after a short configuration of the product there is nothing more to change. You just sit and watch it compress (OK don’t sit around, go to one of the million tasks that you have in the back log). The other feature that I have to admit I did not think I would use a lot, was the ability to connect to the backups, query them and copy data out of them by using SSIS. This came in real handy during a few SQL Injection attacks that I had to recover from.

End Result?

I believe you have two good companies that are coming together and from the sounds of the press release the technical teams may be working together. I can’t wait to see the new products that they come up with to make my job easier. Maybe I need to put my thinking cap on and toss them a few ideas.

Colorado Snow

Posted: March 23, 2010 in Uncategorized

I know this has nothing to do at all with SQL Server, but saw this on the new tonight. See here in Colorado when we have bad snow storms we have snow days, schools are closed and sometimes even different stores. Well we have one of those storms; I just did not understand how bad it was until I saw this…

 

 

After the reviews last week about Rob Farley’s chapter in the Deep Dives book, we talked over email a bit. I had the chance to sit down and ask him a few questions that Jeremy and I came up with. I hope that you enjoy them. What amazes me the most is the fact that Rob did not start as a database guy, not only did he not start as a database guy, but actually chose to pass up the opportunity to take a database class. Another item that really grabbed me was how Rob hires consultants that he has, see the product is growing so large that few know everything about SQL Server to the skill of being able to learn new things is just as positive and know the basics.

If you would like to see the full interview with Rob, please check it out here:

Don’t forget, the SSWUG Ultimate vConference is just around the corner. I have been talking to speakers for the last couple weeks and I believe they are as excited as I am. What an event this is going to be. Here is a tip. If you want to get some additional money of the full conference pass look on the session’s page, find a speaker or two and search their blogs, they were given a VIP Code that will get you some additional money off.

This past week we had the Colorado Springs SQL Server User Group meeting. Please become a fan on the facebook page. The Denver group also met this week. I can tell you there is some discussions about a really excited event coming to this area around the first week of June.

How many times have you said that? Let’s say you are walking around the grocery store and you are trying to remember all the ingredients that you need for the Chili recipe you convinced me to send you. But then it all the sudden hits you. If I had a database that all I had to do was punch in what I want for dinner it would say BAM… Here is your list. But wait, like any good developer or database person. You think, this could kick so much more butt if it listed all the items in order. Think of the money savings on that bad boy. And I know someone working on it, but not the point.

There is a database that is out there now on the web that is something this country has needed for a long time. Something I have looked at a number of times and said, hey we need to do that. The problem is less than 10% of the Law Officials are using the database. So what is it? It’s a database that is meant to help find the 100,000 missing people today. This database is designed so anyone can enter information about missing people and even medical examiners can enter data. So why are we not using it? The offices either don’t know it’s there or they cannot use the free service (Still trying to figure that one out, but the city at my house removed light bulbs from street lamps to save electricity, then paid for stickers on the light bulb so I can see that it’s not there).

Where do you find this information? The site is called NamUs.gov please help if at nothing else to get the word out about this. I know that many of us, have lost friends and maybe we know where they are. There are over 100,000 people out there that don’t. We have the technology to help and they have found 6 already. Take the time and pass the word. If you don’t do it here, send the local paper a letter and let them know we need to make sure everyone gets home.

In the United States of America you are innocent until found guilty. I want to make sure that I am very clear on this fact, because one of the many databases that are involved in protecting this country came under fire recently. I have done a bit of research and there is not a lot of information that has been released about this. But I can tell you that there is an individual who in his own description calls himself a Systems Analyst at the Department of Homeland Security, I will call him “Bob” to protect his rights.

From what I have gathered “Bob” who worked with the TSA database, found out that he was being let go. It appears that “Bob” was not too happy about this and tried to take the database down. According to a few articles that I have found it looks as if the database was the one that is used to protect us as we take flights around this country…

So I have to ask? Are we being serious enough about the permissions? Is our data secure? Is your company data secure? This is not a joke and the data that we keep nowadays is more important than ever. But I am always surprised at how many databases are left open. In this case “Bob” may have been a DBA, and had all the permissions that he needed.

But I ask you to remember:

  • When someone turns in two weeks notice as a DBA, don’t be surprised when they are walked out the door that second.
  • Next time you are audited and the auditors are being a real pain, hope they are the ones that audit the database where your data is stored.
  • If you wonder why developers are not in production and only Admin’s and Change Managers can change production, it is to limit liability, it’s not a matter of trust.

Just in case you were wondering… “Bob” is up on two charges of the Federal kind. These are the kind of charges that can put you in a very bad place located underground. According to the Linked In site that I found “Bob” is working as a consultant for the last 6 months. (I found “Bob’s” LinkedIn Page by Name, City, past Employment)

Have you checked your consultants recently?

Story in EarthTimes

Denver Post

Computer World

@@ERROR = 0 for Bill Graziano

Posted: March 10, 2010 in Uncategorized

I am really excited about the most recent chapter that I reviewed in the Deep Dives book. I think what I like about this the most is the fact that this is something that attracts a lot of attention. There are some things that you can do to help avoid SQL Injection that are not directly related to security. Here is a clip from the review, to read the rest check it out here.

NEWSFLASH…

If you are just passing back your errors to an application or even worse a web page you are putting your database in jeopardy. Think of it like this… If an error is passed back to a web page have you not just validated what is not acceptable to your database? If you have validated what is not acceptable then is the reverse true, when you look at what is acceptable? So could someone just sit there and try different options and until they have a successful injection attack?

Maybe this is Extreme, Maybe