SlideShare a Scribd company logo

Geek Sync | Taking Control of Your Organization’s SQL Server Sprawl

Download as PPTX, PDF
IDERA Software, profile picture
IDERA Software

The document discusses strategies for managing SQL Server sprawl in organizations, emphasizing the importance of understanding risk, identifying servers, and ensuring data security. It outlines various techniques for locating hidden servers and assessing the data stored on them, alongside the need for established standards and policies. The author provides insights on standardizing SQL Server installations to streamline security and compliance efforts.

Software
1 of 19
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
Taking Control of Your Organization’s SQL Server Sprawl July 26, 2017
About Me • Infrastructure and security architect • Database Administrator / Architect • Former Incident Response team lead • Certified Information Systems Auditor (CISA) • SQL Server security columnist / blogger • Editor for SQL Server benchmarks at Center for Internet Security
My Contact Information K. Brian Kelley Email: kbriankelley@acm.org Twitter: @kbriankelley Infrastructure/Security Blog: http://truthsolutions.wordpress.com Personal Development Blog: http://gkdba.wordpress.com
• Understanding the Risk • Finding Servers • Checking the Data • Standards & Policy
Understanding the Risk
Risk Areas • Data, Data, Data! • Lateral movement by adversaries • Licensing
Finding Servers
Servers on the Network • SSMS drop down and sqlcmd –L • SQL Ping and variants • Dedicated scanners • 3rd party dedicated scanning tools
Caution with Scanning • May be seen as “hacking activity” • Know exactly what you’re going to do • Check with your security folks so they understand • Get permission in writing (email counts as long as it gets saved) • Make sure that permission comes from someone with authority to give it.
Hidden from the network? • Network libraries disabled • OS Firewall turned on • Listening on a non-standard port • “Crafty” start and stop of services
Finding Hidden SQL Servers • Inventory / Configuration Management Tool • Need Admin rights. May need Domain Admin based on default permissions. • Understand how data is collected. • Can’t rely on Add/Remove Programs data • SQL Server is installed. What component? • Exchange issue – have to query for services installed to verify it’s the server.
Checking the Data
Found the Server… What’s Next? • At this point, it doesn’t matter if it’s authorized. • We want to know what’s on it. • Looking for Shadow IT. • Looking for unprotected data.
Investigating the Data • Look for same database names as production • Then look for pattern matches (PayRollDB_20170701 matched by PayRollDB%) • Use object names from production to look for matches on discovered DBs • Then start looking at the data.
Standards & Policy
What are your organization’s standards? • What’s permitted? • Is it in writing? • What are the consequences for an unauthorized SQL Server? • Who is allowed to remediate? • What are they allowed to do? • Are there audit & compliance requirements you can leverage?
Standardize Your SQL Server Installs • Automate the install • Start with the OS. Usually the easiest and “biggest bang for the buck” for the organization. • If you can, standardize on drive letters to ease scripted installs. • Script the install. Leverage slipstreaming to minimize after-install work. • Execute post-install configuration scripts automatically as well: • Rename / disable sa login & change password • Configure Database Mail • Set up alerts & notifications • Any other defaults you want to set.
In Summary • Understanding the Risk • Finding Servers • Checking the Data • Standards & Policy
Questions? K. Brian Kelley Email: kbriankelley@acm.org Twitter: @kbriankelley Infrastructure/Security Blog: http://truthsolutions.wordpress.com Personal Development Blog: http://gkdba.wordpress.com

More Related Content

PPTX
Getting started with Azure Cognitive services
Rick van den Bosch
 
PPTX
Consuming REST in .NET
Aaron Stannard
 
PPTX
How Elastic Security Meets SOC Needs
Anna Ossowski
 
PPTX
Test driving Azure Search and DocumentDB
Andrew Siemer
 
PDF
O365Con19 - O365 Identity Management and The Golden Config - Chris Goosen
NCCOMMS
 
PDF
Azure Application insights - An Introduction
Matthias Güntert
 
PDF
CSF18 - External Collaboration with Azure B2B - Sjoukje Zaal
NCCOMMS
 
PDF
Search UI and Lucidworks View: Presented by Josh Ellinger, Lucidworks
Lucidworks
 
Getting started with Azure Cognitive services
Rick van den Bosch
 
Consuming REST in .NET
Aaron Stannard
 
How Elastic Security Meets SOC Needs
Anna Ossowski
 
Test driving Azure Search and DocumentDB
Andrew Siemer
 
O365Con19 - O365 Identity Management and The Golden Config - Chris Goosen
NCCOMMS
 
Azure Application insights - An Introduction
Matthias Güntert
 
CSF18 - External Collaboration with Azure B2B - Sjoukje Zaal
NCCOMMS
 
Search UI and Lucidworks View: Presented by Josh Ellinger, Lucidworks
Lucidworks
 

What's hot (20)

PDF
Building Search Engines - Lucene, SolR and Elasticsearch
Rahul Singh
 
PPTX
Debezium POC
kloia
 
PDF
Search for all with Elastic Enterprise Search
Elasticsearch
 
PPTX
Elasticsearch for Autosuggest in Clojure at Workframe
Brian Ballantine
 
PDF
O365Con19 - Azure Blackbelt - Jussi Roine
NCCOMMS
 
PPTX
Tokyo azure meetup #2 big data made easy
Tokyo Azure Meetup
 
PPTX
Monitoring your workload hosted on Microsoft Azure
Vikram Pendse
 
PDF
O365Con19 - Developing Timerjob and Eventhandler Equivalents - Adis Jugo
NCCOMMS
 
PDF
Jinchao demo
Jinchao Lin
 
PDF
A Survey of Elasticsearch Usage
Greg Brown
 
PPTX
Design for scale
Doug Lampe
 
PDF
Monitoring real-life Azure applications: When to use what and why
Karl Ots
 
PPTX
Azure operational insights
Ilyas F ☁☁☁
 
PPTX
Building Enterprise Search Engines using Open Source Technologies
Rahul Singh
 
PPTX
Cloud Design Patterns
Taswar Bhatti
 
PDF
[Webinar] Nuxeo Platform 5.6 Overview
Nuxeo
 
PDF
O365Con19 - Tips and Tricks for Complex Migrations to SharePoint Online - And...
NCCOMMS
 
PPTX
Enterprise Content Management Solutions in SharePoint and Office 365
Eric Shupps
 
PPTX
Ajax
amitmishra43258
 
PDF
Securing java web applications
Jonas Elias Flesch
 
Building Search Engines - Lucene, SolR and Elasticsearch
Rahul Singh
 
Debezium POC
kloia
 
Search for all with Elastic Enterprise Search
Elasticsearch
 
Elasticsearch for Autosuggest in Clojure at Workframe
Brian Ballantine
 
O365Con19 - Azure Blackbelt - Jussi Roine
NCCOMMS
 
Tokyo azure meetup #2 big data made easy
Tokyo Azure Meetup
 
Monitoring your workload hosted on Microsoft Azure
Vikram Pendse
 
O365Con19 - Developing Timerjob and Eventhandler Equivalents - Adis Jugo
NCCOMMS
 
Jinchao demo
Jinchao Lin
 
A Survey of Elasticsearch Usage
Greg Brown
 
Design for scale
Doug Lampe
 
Monitoring real-life Azure applications: When to use what and why
Karl Ots
 
Azure operational insights
Ilyas F ☁☁☁
 
Building Enterprise Search Engines using Open Source Technologies
Rahul Singh
 
Cloud Design Patterns
Taswar Bhatti
 
[Webinar] Nuxeo Platform 5.6 Overview
Nuxeo
 
O365Con19 - Tips and Tricks for Complex Migrations to SharePoint Online - And...
NCCOMMS
 
Enterprise Content Management Solutions in SharePoint and Office 365
Eric Shupps
 
Ajax
amitmishra43258
 
Securing java web applications
Jonas Elias Flesch
 
Ad

Similar to Geek Sync | Taking Control of Your Organization’s SQL Server Sprawl (20)

PDF
Hardening a SQL Server 2008 Implementation
Mark Ginnebaugh
 
PDF
7 steps to effective SQL Server monitoring
Red Gate Software
 
PDF
Microsoft Sql Server 2008 Administrators Pocket Consultant 1st Edition Willia...
ibiasaggvin
 
PDF
KoprowskiT_SQLRelayCaerdydd_SQLSecurityInTheClouds
Tobias Koprowski
 
PDF
KoprowskiT_SQLRelayBirmingham_SQLSecurityInTheClouds
Tobias Koprowski
 
PDF
KoprowskiT_SQLSatHolland_SQLServerSecurityInTheCloud
Tobias Koprowski
 
PPT
Fortress SQL Server
webhostingguy
 
PPTX
Microsoft SQL Server 2008 R2 - Manageability Presentation
Microsoft Private Cloud
 
PPT
SQL Server Security - Attack
webhostingguy
 
PPTX
Monitoring Microsoft SQL Server 2008 with Opsview
Opsview
 
PDF
How to manage and monitor large sql server estates
Red Gate Software
 
PPTX
Everything you should already know about MS-SQL post-exploitation
Source Conference
 
PPT
SQL Server Basics Hello world iam here.ppt
nanisaketh
 
DOCX
Sql server 2008 r2 security overviewfor admins
Klaudiia Jacome
 
PPTX
Ultimate Free SQL Server Toolkit
Kevin Kline
 
PDF
10 Deadly Sins of SQL Server Configuration - APPSEC CALIFORNIA 2015
Scott Sutherland
 
PDF
ITS Forefront Management Server Infrastructure Build
webhostingguy
 
PPTX
Do More With Less: SQL Central Management Server and Multi-Server Administration
Mike Hillwig
 
PDF
OSMC 2010 | NSClient++ - what's new? And what's coming! by Michael Medin
NETWAYS
 
PPT
Under New Management
ukdpe
 
Hardening a SQL Server 2008 Implementation
Mark Ginnebaugh
 
7 steps to effective SQL Server monitoring
Red Gate Software
 
Microsoft Sql Server 2008 Administrators Pocket Consultant 1st Edition Willia...
ibiasaggvin
 
KoprowskiT_SQLRelayCaerdydd_SQLSecurityInTheClouds
Tobias Koprowski
 
KoprowskiT_SQLRelayBirmingham_SQLSecurityInTheClouds
Tobias Koprowski
 
KoprowskiT_SQLSatHolland_SQLServerSecurityInTheCloud
Tobias Koprowski
 
Fortress SQL Server
webhostingguy
 
Microsoft SQL Server 2008 R2 - Manageability Presentation
Microsoft Private Cloud
 
SQL Server Security - Attack
webhostingguy
 
Monitoring Microsoft SQL Server 2008 with Opsview
Opsview
 
How to manage and monitor large sql server estates
Red Gate Software
 
Everything you should already know about MS-SQL post-exploitation
Source Conference
 
SQL Server Basics Hello world iam here.ppt
nanisaketh
 
Sql server 2008 r2 security overviewfor admins
Klaudiia Jacome
 
Ultimate Free SQL Server Toolkit
Kevin Kline
 
10 Deadly Sins of SQL Server Configuration - APPSEC CALIFORNIA 2015
Scott Sutherland
 
ITS Forefront Management Server Infrastructure Build
webhostingguy
 
Do More With Less: SQL Central Management Server and Multi-Server Administration
Mike Hillwig
 
OSMC 2010 | NSClient++ - what's new? And what's coming! by Michael Medin
NETWAYS
 
Under New Management
ukdpe
 
Ad

More from IDERA Software (20)

PPTX
The role of the database administrator (DBA) in 2020: Changes, challenges, an...
IDERA Software
 
PPTX
Problems and solutions for migrating databases to the cloud
IDERA Software
 
PPTX
Public cloud uses and limitations
IDERA Software
 
PPTX
Optimize the performance, cost, and value of databases.pptx
IDERA Software
 
PPTX
Monitor cloud database with SQL Diagnostic Manager for SQL Server
IDERA Software
 
PPTX
Database administrators (dbas) face increasing pressure to monitor databases
IDERA Software
 
PPTX
Six tips for cutting sql server licensing costs
IDERA Software
 
PDF
Idera live 2021: The Power of Abstraction by Steve Hoberman
IDERA Software
 
PDF
Idera live 2021: Why Data Lakes are Critical for AI, ML, and IoT By Brian Flug
IDERA Software
 
PDF
Idera live 2021: Will Data Vault add Value to Your Data Warehouse? 3 Signs th...
IDERA Software
 
PDF
Idera live 2021: Managing Digital Transformation on a Budget by Bert Scalzo
IDERA Software
 
PDF
Idera live 2021: Keynote Presentation The Future of Data is The Data Cloud b...
IDERA Software
 
PDF
Idera live 2021: Managing Databases in the Cloud - the First Step, a Succes...
IDERA Software
 
PDF
Idera live 2021: Database Auditing - on-Premises and in the Cloud by Craig M...
IDERA Software
 
PDF
Idera live 2021: Performance Tuning Azure SQL Database by Monica Rathbun
IDERA Software
 
PPTX
Geek Sync | How to Be the DBA When You Don't Have a DBA - Eric Cobb | IDERA
IDERA Software
 
PPTX
How Users of a Performance Monitoring Tool Can Benefit from an Inventory Mana...
IDERA Software
 
PPTX
Benefits of Third Party Tools for MySQL | IDERA
IDERA Software
 
PPTX
Achieve More with Less Resources | IDERA
IDERA Software
 
PPTX
Benefits of SQL Server 2017 and 2019 | IDERA
IDERA Software
 
The role of the database administrator (DBA) in 2020: Changes, challenges, an...
IDERA Software
 
Problems and solutions for migrating databases to the cloud
IDERA Software
 
Public cloud uses and limitations
IDERA Software
 
Optimize the performance, cost, and value of databases.pptx
IDERA Software
 
Monitor cloud database with SQL Diagnostic Manager for SQL Server
IDERA Software
 
Database administrators (dbas) face increasing pressure to monitor databases
IDERA Software
 
Six tips for cutting sql server licensing costs
IDERA Software
 
Idera live 2021: The Power of Abstraction by Steve Hoberman
IDERA Software
 
Idera live 2021: Why Data Lakes are Critical for AI, ML, and IoT By Brian Flug
IDERA Software
 
Idera live 2021: Will Data Vault add Value to Your Data Warehouse? 3 Signs th...
IDERA Software
 
Idera live 2021: Managing Digital Transformation on a Budget by Bert Scalzo
IDERA Software
 
Idera live 2021: Keynote Presentation The Future of Data is The Data Cloud b...
IDERA Software
 
Idera live 2021: Managing Databases in the Cloud - the First Step, a Succes...
IDERA Software
 
Idera live 2021: Database Auditing - on-Premises and in the Cloud by Craig M...
IDERA Software
 
Idera live 2021: Performance Tuning Azure SQL Database by Monica Rathbun
IDERA Software
 
Geek Sync | How to Be the DBA When You Don't Have a DBA - Eric Cobb | IDERA
IDERA Software
 
How Users of a Performance Monitoring Tool Can Benefit from an Inventory Mana...
IDERA Software
 
Benefits of Third Party Tools for MySQL | IDERA
IDERA Software
 
Achieve More with Less Resources | IDERA
IDERA Software
 
Benefits of SQL Server 2017 and 2019 | IDERA
IDERA Software
 

Recently uploaded (20)

PDF
Designing Intelligence for the Shop Floor.pdf
nikglvk
 
PDF
Odoo Companies in India – Driving Business Transformation.pdf
azhuhardeen1968
 
PPTX
CHAPTER 2 - PM Management and IT Context
KevinPutra14
 
PPTX
Agentic AI : A Practical Guide. Undersating, Implementing and Scaling Autono...
IT IDOL Technologies
 
PDF
SAP S4 Hana Brochure 3 (PTS SYSTEMS AND SOLUTIONS)
pts464036
 
PDF
How to Migrate SBCGlobal Email to Yahoo Easily
raymondjones7273
 
PPTX
Computer Software and OS of computer science of grade 11.pptx
GauravDahal9
 
PDF
Understanding Forklifts - TECH EHS Solution
TECH EHS Solution
 
PDF
2025 Textile ERP Trends: SAP, Odoo & Oracle
Aetos Technologies
 
PPTX
Lecture 3: Operating Systems Introduction to Computer Hardware Systems
hci7se
 
PDF
Internet Downloader Manager (IDM) Crack 6.42 Build 41
ghrom2211g
 
PDF
wealthsignaloriginal-com-DS-text-... (1).pdf
skmiani786
 
PPTX
Oracle E-Business Suite: A Comprehensive Guide for Modern Enterprises
Conacent Consulting
 
PPTX
Reimagine Home Health with the Power of Agentic AI​
AutomationEdge Technologies
 
PPTX
ai tools demonstartion for schools and inter college
harshavardhanreddyka11
 
PDF
top salesforce developer skills in 2025.pdf
CloudMetic
 
PPTX
VVF-Customer-Presentation2025-Ver1.9.pptx
blackmambaettijean
 
PDF
System and Network Administration Chapter 2
jaramharo
 
PDF
Addressing The Cult of Project Management Tools-Why Disconnected Work is Hold...
OnePlan Solutions
 
PDF
System and Network Administraation Chapter 3
jaramharo
 
Designing Intelligence for the Shop Floor.pdf
nikglvk
 
Odoo Companies in India – Driving Business Transformation.pdf
azhuhardeen1968
 
CHAPTER 2 - PM Management and IT Context
KevinPutra14
 
Agentic AI : A Practical Guide. Undersating, Implementing and Scaling Autono...
IT IDOL Technologies
 
SAP S4 Hana Brochure 3 (PTS SYSTEMS AND SOLUTIONS)
pts464036
 
How to Migrate SBCGlobal Email to Yahoo Easily
raymondjones7273
 
Computer Software and OS of computer science of grade 11.pptx
GauravDahal9
 
Understanding Forklifts - TECH EHS Solution
TECH EHS Solution
 
2025 Textile ERP Trends: SAP, Odoo & Oracle
Aetos Technologies
 
Lecture 3: Operating Systems Introduction to Computer Hardware Systems
hci7se
 
Internet Downloader Manager (IDM) Crack 6.42 Build 41
ghrom2211g
 
wealthsignaloriginal-com-DS-text-... (1).pdf
skmiani786
 
Oracle E-Business Suite: A Comprehensive Guide for Modern Enterprises
Conacent Consulting
 
Reimagine Home Health with the Power of Agentic AI​
AutomationEdge Technologies
 
ai tools demonstartion for schools and inter college
harshavardhanreddyka11
 
top salesforce developer skills in 2025.pdf
CloudMetic
 
VVF-Customer-Presentation2025-Ver1.9.pptx
blackmambaettijean
 
System and Network Administration Chapter 2
jaramharo
 
Addressing The Cult of Project Management Tools-Why Disconnected Work is Hold...
OnePlan Solutions
 
System and Network Administraation Chapter 3
jaramharo
 

Geek Sync | Taking Control of Your Organization’s SQL Server Sprawl

  • 1. Taking Control of Your Organization’s SQL Server Sprawl July 26, 2017
  • 2. About Me • Infrastructure and security architect • Database Administrator / Architect • Former Incident Response team lead • Certified Information Systems Auditor (CISA) • SQL Server security columnist / blogger • Editor for SQL Server benchmarks at Center for Internet Security
  • 3. My Contact Information K. Brian Kelley Email: kbriankelley@acm.org Twitter: @kbriankelley Infrastructure/Security Blog: http://truthsolutions.wordpress.com Personal Development Blog: http://gkdba.wordpress.com
  • 4. • Understanding the Risk • Finding Servers • Checking the Data • Standards & Policy
  • 6. Risk Areas • Data, Data, Data! • Lateral movement by adversaries • Licensing
  • 8. Servers on the Network • SSMS drop down and sqlcmd –L • SQL Ping and variants • Dedicated scanners • 3rd party dedicated scanning tools
  • 9. Caution with Scanning • May be seen as “hacking activity” • Know exactly what you’re going to do • Check with your security folks so they understand • Get permission in writing (email counts as long as it gets saved) • Make sure that permission comes from someone with authority to give it.
  • 10. Hidden from the network? • Network libraries disabled • OS Firewall turned on • Listening on a non-standard port • “Crafty” start and stop of services
  • 11. Finding Hidden SQL Servers • Inventory / Configuration Management Tool • Need Admin rights. May need Domain Admin based on default permissions. • Understand how data is collected. • Can’t rely on Add/Remove Programs data • SQL Server is installed. What component? • Exchange issue – have to query for services installed to verify it’s the server.
  • 13. Found the Server… What’s Next? • At this point, it doesn’t matter if it’s authorized. • We want to know what’s on it. • Looking for Shadow IT. • Looking for unprotected data.
  • 14. Investigating the Data • Look for same database names as production • Then look for pattern matches (PayRollDB_20170701 matched by PayRollDB%) • Use object names from production to look for matches on discovered DBs • Then start looking at the data.
  • 16. What are your organization’s standards? • What’s permitted? • Is it in writing? • What are the consequences for an unauthorized SQL Server? • Who is allowed to remediate? • What are they allowed to do? • Are there audit & compliance requirements you can leverage?
  • 17. Standardize Your SQL Server Installs • Automate the install • Start with the OS. Usually the easiest and “biggest bang for the buck” for the organization. • If you can, standardize on drive letters to ease scripted installs. • Script the install. Leverage slipstreaming to minimize after-install work. • Execute post-install configuration scripts automatically as well: • Rename / disable sa login & change password • Configure Database Mail • Set up alerts & notifications • Any other defaults you want to set.
  • 18. In Summary • Understanding the Risk • Finding Servers • Checking the Data • Standards & Policy
  • 19. Questions? K. Brian Kelley Email: kbriankelley@acm.org Twitter: @kbriankelley Infrastructure/Security Blog: http://truthsolutions.wordpress.com Personal Development Blog: http://gkdba.wordpress.com