No Defaults Passwords Ever
Steve doesn't see a reason why we should have default passwords on systems ever.
2026-01-17
62 reads
Security
Minimally Viable Security
Today Steve talks about the need for a basic level of security in our software.
2026-01-05
72 reads
SQL Server DBaaS Vulnerability: Decrypting System Code & Exfiltrating User Data
Security in cloud environments is both challenging and fascinating, particularly for Database-as-a-Service (DBaaS) offerings like Amazon RDS, GCP CloudSQL and Alibaba ApsaraDB RDS. The cloud vendor acts as the system administrator, managing the operating system, patching, and backups, while the user manages their data and databases.
2025-12-03
2025-10-15
108 reads
The Security of Old Tech
Older technology can introduce security issues, along with performance ones. Keeping your systems somewhat up to date is important for security.
2025-09-12
71 reads
Password Guidance
Passwords are essential and also a problem in many organizations. Guidance has changed over the years and Steve has a few thoughts on what's recommended today.
2025-09-10
133 reads
Zero-Trust Architecture for Cloud-Based AI Systems
Zero-Trust Architecture (ZTA) emerges as a strong security paradigm for cloud-based AI systems, fundamentally operating on the principle of “never trust, always verify.” Unlike conventional security models, ZTA assumes potential compromise exists within the network and requires continuous verification of every access request regardless of origin.
2025-07-09
Cloning Master Admin User Permissions in Amazon RDS for SQL Server with Fine-Grained Control
This article explores how to securely clone the master user permissions in Amazon RDS for SQL Server using a custom stored procedure, usp_rds_clone_login. It outlines a step-by-step process to generate, review, and apply a script that replicates server- and database-level access from the master user to a new login without directly exposing elevated credentials. The guide emphasizes the principle of least privilege, supports named account management, and enables transparent, auditable permission handling for DBAs and applications. Designed for secure and scalable environments, this solution enhances operational security while maintaining administrative flexibility in Amazon RDS.
2025-07-09
688 reads
Are Data Breaches Inevitable?
Steve examines the idea that we might all have a data breach at some point.
2025-05-16
88 reads
More Supply Chain Attacks
Code is vulnerable to supply chain attacks, which aren't something many of us think about.
2025-03-21
108 reads
Blogs
Git forked
Forgive me for the title. Mentally I’m 12. When I started my current day...
Setting FK Constraints in Data Modeler
By Steve Jones
One of the things a customer asked recently about Redgate Data Modeler was how...
Webinar: Navigating the Database Landscape in 2026
By Steve Jones
For a number of years, we’ve produced the State of the Database Landscape report,...
Forums
SSMS 22 Latest Update Crashing
Hi all, I've just had to roll back my SSMS 22 version from 22.3.0,...
Transactional Replication setup issue
Hi! I've been banging my head against the wall for 2 days now trying...
The Power of Data and Privacy
Comments posted to this topic are about the item The Power of Data and...
Question of the Day
What's the Date?
In SQL Server 2025, there is a new function that returns the current date without the time. What is it?
See possible answers