Download presentation
Presentation is loading. Please wait.
1
How to Lose Your Job in 3 Easy Steps
Robert L Davis Database Engineer @SQLSoldier How to Lose Your Job in 3 Easy Steps
2
Agradecimiento a los patrocinadores
Premium Silver Personal
3
Robert L Davis @SQLSoldier PASS Security Virtual Chapter
Microsoft Certified Master Data Platform MVP @SQLSoldier Database Engineer BlueMountain Capital Management 17+ years working with SQL Server PASS Security Virtual Chapter Volunteers needed Database Engineer at BlueMountain Capital Management Foremer Principal Database Architect at DB Best Technologies Former Principal DBA at Outerwall, Inc Former Sr. Product Consultant with Idera Software Former Program Manager for SQL Server Certified Master program in Microsoft Learning Former Sr. Production DBA / Operations Engineer at Microsoft (CSS) Microsoft Certified Master: SQL Server 2008 / MCSM Charter: Data Platform Co-founder of the SQL PASS Security Virtual Chapter MCITP: Database Developer: SQL Server 2005 and 2008 MCITP: Database Administrator: SQL Server 2005 and 2008 MCSE: Data Platform MVP 2014 Co-author of Pro SQL Server 2008 Mirroring Former Idera ACE (Advisors & Community Educators) 2 time host of T-SQL Tuesday Guest Professor at SQL University, summer 2010, spring/summer 2011 Speaker at SQL PASS Summit 2010, 2011, and 2012 including a pre-con in 2012 Speaker/Pre-con at SQLRally 2012 17+ years working with SQL Server Writer for SQL Server Pro (formerly SQL Server Magazine) Member: Mensa Dog picture: Maggie and Woody SQLCruise instructor: Seattle to Alaska 2012 Speaker at SQL Server Intelligence Conference in Seattle 2012 Blog: Twitter:
4
How to Lose Your Job in 3 Easy Steps
3 Mistakes …
5
How to Lose Your Job in 3 Easy Steps
3 Mistakes … That many DBAs make
6
How to Lose Your Job in 3 Easy Steps
3 Mistakes … That many DBAs make And some developers too
7
How to Lose Your Job in 3 Easy Steps
3 Mistakes … That many DBAs make And some developers too That could and should cost you your job
8
How to Lose Your Job in 3 Easy Steps
3 Mistakes … That many DBAs make And some developers too That could and should cost you your job That cause lost data, lost revenue, and lost customers
9
How to Lose Your Job in 3 Easy Steps
10
How to Lose Your Job in 3 Easy Steps
3. Giving elevated privileges
11
How to Lose Your Job in 3 Easy Steps
3. Giving elevated privileges DBAs are the guardians of the data
12
How to Lose Your Job in 3 Easy Steps
3. Giving elevated privileges DBAs are the guardians of the data Cannot protect the data if you do not control it
13
How to Lose Your Job in 3 Easy Steps
3. Giving elevated privileges DBAs are the guardians of the data Cannot protect the data if you do not control it Permissions requests should be needed (not desired) and justifiable
14
How to Lose Your Job in 3 Easy Steps
3. Giving elevated privileges DBAs are the guardians of the data Cannot protect the data if you do not control it Permissions requests should be needed (not desired) and justifiable Anything else adds risk
15
How to Lose Your Job in 3 Easy Steps
3. Giving elevated privileges Risks:
16
How to Lose Your Job in 3 Easy Steps
3. Giving elevated privileges Risks: Data loss or theft
17
How to Lose Your Job in 3 Easy Steps
3. Giving elevated privileges Risks: Data loss or theft Performance problems because of bad user queries
18
How to Lose Your Job in 3 Easy Steps
3. Giving elevated privileges Risks: Data loss or theft Performance problems because of bad user queries Violation of governmental compliancy regulations
19
How to Lose Your Job in 3 Easy Steps
3. Giving elevated privileges Risks: Data loss or theft Performance problems because of bad user queries Violation of governmental compliancy regulations Fines and penalties from government agencies
20
How to Lose Your Job in 3 Easy Steps
3. Giving elevated privileges Risks: Data loss or theft Performance problems because of bad user queries Violation of governmental compliancy regulations Fines and penalties from government agencies Loss of customers
21
How to Lose Your Job in 3 Easy Steps
3. Giving elevated privileges Risks: Data loss or theft Performance problems because of bad user queries Violation of governmental compliancy regulations Fines and penalties from government agencies Loss of customers Loss of public standing / Public relations issues
22
How to Lose Your Job in 3 Easy Steps
3. Giving elevated privileges Risks: Data loss or theft Performance problems because of bad user queries Violation of governmental compliancy regulations Fines and penalties from government agencies Loss of customers Loss of public standing / Public relations issues Loss of company credit rating
23
How to Lose Your Job in 3 Easy Steps
3. Giving elevated privileges Risks: Data loss or theft Performance problems because of bad user queries Violation of governmental compliancy regulations Fines and penalties from government agencies Loss of customers Loss of public standing / Public relations issues Loss of company credit rating Imprisonment
24
How to Lose Your Job in 3 Easy Steps
3. Giving elevated privileges Principle of Least Privilege
25
How to Lose Your Job in 3 Easy Steps
3. Giving elevated privileges Principle of Least Privilege Only the lowest level of permissions required and justified are granted
26
How to Lose Your Job in 3 Easy Steps
3. Giving elevated privileges Principle of Least Privilege Only the lowest level of permissions required and justified are granted If you grant permissions to someone, you had better be able to say why it was required and why it was justified
27
How to Lose Your Job in 3 Easy Steps
3. Giving elevated privileges Principle of Least Privilege Only the lowest level of permissions required and justified are granted If you grant permissions to someone, you had better be able to say why it was required and why it was justified If something bad happens, the DBA will be the person held responsible for giving away too many permissions
28
How to Lose Your Job in 3 Easy Steps
3. Giving elevated privileges Principle of Least Privilege Only the lowest level of permissions required and justified are granted If you grant permissions to someone, you had better be able to say why it was required and why it was justified If something bad happens, the DBA will be the person held responsible for giving away too many permissions The person who did the bad thing may be help responsible as well, but to a lesser degree than the DBA
29
How to Lose Your Job in 3 Easy Steps
3. Giving elevated privileges Final thought
30
How to Lose Your Job in 3 Easy Steps
3. Giving elevated privileges Final thought It’s a lot easier to give limited permissions straight away than to reduce the permissions later
31
How to Lose Your Job in 3 Easy Steps
32
How to Lose Your Job in 3 Easy Steps
2. Disabling Page Verification
33
How to Lose Your Job in 3 Easy Steps
2. Disabling Page Verification Page verification detects corruption when page is read
34
How to Lose Your Job in 3 Easy Steps
2. Disabling Page Verification Page verification detects corruption when page is read Three settings for Page Verification:
35
How to Lose Your Job in 3 Easy Steps
2. Disabling Page Verification Page verification detects corruption when page is read Three settings for Page Verification: CHECKSUM (default since SQL Server 2005)
36
How to Lose Your Job in 3 Easy Steps
2. Disabling Page Verification Page verification detects corruption when page is read Three settings for Page Verification: CHECKSUM (default since SQL Server 2005) TORN_PAGE_DETECTION (default in SQL Server 2000)
37
How to Lose Your Job in 3 Easy Steps
2. Disabling Page Verification Page verification detects corruption when page is read Three settings for Page Verification: CHECKSUM (default since SQL Server 2005) TORN_PAGE_DETECTION (default in SQL Server 2000) NONE (has never been the default)
38
How to Lose Your Job in 3 Easy Steps
2. Disabling Page Verification Page verification detects corruption when page is read Three settings for Page Verification: CHECKSUM (default since SQL Server 2005) TORN_PAGE_DETECTION (default in SQL Server 2000) NONE (has never been the default) If anyone changes setting to none, that person should be fired
39
How to Lose Your Job in 3 Easy Steps
40
How to Lose Your Job in 3 Easy Steps
1. Lack of good backups
41
How to Lose Your Job in 3 Easy Steps
1. Lack of good backups DBAs number one priority
42
How to Lose Your Job in 3 Easy Steps
1. Lack of good backups DBAs number one priority Again, you are the guardian of the data
43
How to Lose Your Job in 3 Easy Steps
1. Lack of good backups DBAs number one priority Again, you are the guardian of the data This means more than just having backups
44
How to Lose Your Job in 3 Easy Steps
1. Lack of good backups DBAs number one priority Again, you are the guardian of the data This means more than just having backups Ensuring backups are restorable (test your backups)
45
How to Lose Your Job in 3 Easy Steps
1. Lack of good backups DBAs number one priority Again, you are the guardian of the data This means more than just having backups Ensuring backups are restorable (test your backups) Recovering from a disaster while meeting data loss (RPO) and downtime (RTO) requirements
46
How to Lose Your Job in 3 Easy Steps
1. Lack of good backups DBAs number one priority Again, you are the guardian of the data This means more than just having backups Ensuring backups are restorable (test your backups) Recovering from a disaster while meeting data loss (RPO) and downtime (RTO) requirements
47
How to Lose Your Job in 3 Easy Steps
1. Lack of good backups DBAs number one priority Again, you are the guardian of the data This means more than just having backups Ensuring backups are restorable (test your backups) Recovering from a disaster while meeting data loss (RPO) and downtime (RTO) requirements Practice restore scenarios so that you know what to do when disaster strikes Store backups separate from the server
48
How to Lose Your Job in 3 Easy Steps
1. Lack of good backups If you inherit a server with databases on it, the first and last thing you should do is backups
49
How to Lose Your Job in 3 Easy Steps
1. Lack of good backups If you inherit a server with databases on it, the first and last thing you should do is backups First make sure backups are happening and all databases are being backed up
50
How to Lose Your Job in 3 Easy Steps
1. Lack of good backups If you inherit a server with databases on it, the first and last thing you should do is backups First make sure backups are happening and all databases are being backed up Next attend to other important things
51
How to Lose Your Job in 3 Easy Steps
1. Lack of good backups If you inherit a server with databases on it, the first and last thing you should do is backups First make sure backups are happening and all databases are being backed up Next attend to other important things Lastly, find out the RPO and RTO requirements and adjust your backups as needed
52
How to Lose Your Job in 3 Easy Steps
1. Lack of good backups RPO: Recovery Point Objective
53
How to Lose Your Job in 3 Easy Steps
1. Lack of good backups RPO: Recovery Point Objective How much data is the business willing to lose in the event of a disaster?
54
How to Lose Your Job in 3 Easy Steps
1. Lack of good backups RPO: Recovery Point Objective How much data is the business willing to lose in the event of a disaster? Your potential for data loss = the last time a backup ran
55
How to Lose Your Job in 3 Easy Steps
1. Lack of good backups RPO: Recovery Point Objective How much data is the business willing to lose in the event of a disaster? Your potential for data loss = the last time a backup ran RPO = the minimum frequency of your backups
56
How to Lose Your Job in 3 Easy Steps
1. Lack of good backups RTO: Recovery Time Objective
57
How to Lose Your Job in 3 Easy Steps
1. Lack of good backups RTO: Recovery Time Objective How long can the business be down in the event of a disaster?
58
How to Lose Your Job in 3 Easy Steps
1. Lack of good backups RTO: Recovery Time Objective How long can the business be down in the event of a disaster? In a worst case scenario, how long do you have to get the databases restored and operational again
59
How to Lose Your Job in 3 Easy Steps
1. Lack of good backups RTO: Recovery Time Objective How long can the business be down in the event of a disaster? In a worst case scenario, how long do you have to get the databases restored and operational again RTO dictates the restore plan for getting databases restored to meet this requirement
60
How to Lose Your Job in 3 Easy Steps
1. Lack of good backups RTO: Recovery Time Objective How long can the business be down in the event of a disaster? In a worst case scenario, how long do you have to get the databases restored and operational again RTO dictates the restore plan for getting databases restored to meet this requirement The restore plan dictates what backup plan needs to be implemented
61
How to Lose Your Job in 3 Easy Steps
Apologies! I apologize for the misleading title If you came to learn how to get fired, but you actually learned how to keep your job! Q & A
62
Thank you for attending!
¡Gracias! Thank you for attending! My blog: Twitter: twitter.com/SQLSoldier Whitepaper: 5 DBA Mistakes That Can Cost You Your Job:
Similar presentations
© 2025 SlidePlayer.com. Inc.
All rights reserved.