Practical SQL Server Security, Compliance, and Auditing

By Russ Thomas
This course is a practical approach to leveraging SQL Server to meet the needs of your industry compliance, audit, security, and encryption standards.
Play course overview
Course info
Rating
(29)
Level
Intermediate
Updated
Jan 6, 2017
Duration
3h 40m
Table of contents
Course Overview
Course Overview 2m
Understanding Regulatory Compliance
Course Intro 4m Course Module Summary 5m Intro to HIPAA 3m Intro to SOX 2m Intro to PCI and Internal Audits 3m
Implementing Security with Users, Groups, and Roles
Intro 3m Scope 3m Principals 5m Looking Closer at Users and Logins 3m Looking Closer at Roles 3m Permissions and Privileges 4m Securables 6m Real World PCI 4m Real World HIPAA and Application Roles 4m
Modeling Schemas to Support Security Best Practices
Defining Schema 4m Benefit of Schema 5m Setting up a Schema 4m Schema Best Practice 4m
Protecting Sensitive Data With Encryption
Intro 3m Encryption and Cryptology 4m Encryption Algorithms 6m Key Management 5m Demo: Transparent Data Encryption 7m Demo: Restoring TDE Database 3m Summary 2m
Protecting Sensitive Data in Transit
Data Vulnerability in Transit 4m Pros and Cons of Custom Client Encryption 3m SQL Server SSL Encryption 4m SQL Server SSL Certificates 3m SQL Server 2016 Always Encrypted 5m Always Encrypted Demo 6m
Setting up Compliance Enforcement, Monitoring, and Logging
Intro 3m SQL Server Triggers 6m Extended Events 5m Extended Events Demo 5m Policy Based Management 6m Policy Based Management Demo: Part 1 5m Policy Based Management Demo: Part 2 6m Performance and 3rd Party Tools 4m
Watching the Watcher with SQL Audit
Why SQL Audit 5m Server Audit Specification Demo 5m Database Audit Specification Demo 7m Additional Configuration Options 5m Choosing an Audit Target Destination 6m
Passing Audits with Compliance Reports and Documentation
Intro 4m Audit Review Process 4m Prepared SQL Server Reports 3m Building Custom SSMS Reports 5m Report and Proof Lifecycle 3m Compliance Findings Remediation 2m Final Considerations 2m
Description
Course info
Rating
(29)
Level
Intermediate
Updated
Jan 6, 2017
Duration
3h 40m
Description

Nearly every professional industry must adhere to some form of professional standard, regulation, or legislative requirement. While requirements vary, many of the approaches and methods you as the technical administrator will employ can be standardized across many tools available within SQL Server. In this course, Practical SQL Server Security, Compliance, and Auditing, you'll learn the most relevant features including new ones such as Always Encrypted released with SQL 2016. First, you'll discover how to use auditing features that are found within SQL Server. Next, you'll explore how to establish good sound encryption including capabilities that are new to SQL Server such as the 2016 release. Finally, you'll learn how SQL Server manages the different principles in groups and logical organizations of objects within a database instance. By the end of this course, you'll learn valuable security and auditing information in SQL Server.

About the author
Russ Thomas
About the author

Currently an IT leader in Denver Colorado's financial sector Russ has focused on database development, modelling, administration, and BI since 1997 across the Microsoft stack. Russ is a passionate trainer and SQL community volunteer presenting regularly at PASS SQL Saturday events and local user groups around the US.

More from the author
Administering Microsoft SQL Server Availability Groups
Intermediate
3h 4m
Dec 7, 2018
High-performance Data Warehousing with Amazon Redshift
Intermediate
2h 34m
Aug 8, 2018
Building Your First Amazon Redshift Data Warehouse
Intermediate
2h 40m
Mar 9, 2018
More courses by Russ Thomas
Section Introduction Transcripts
Section Introduction Transcripts

Course Overview
Hey Pluralsighters, this is Russ Thomas. Out on Twitter I am @sqljudo. Welcome to this course, Practical SQL Server Security, Compliance, and Auditing. So from that title you might be asking yourself is this a course about implementing encryption, security, and doing things like backups, or is this a course about passing compliance audits, such as those that might be related to HIPAA, or PCI, or any number of standards that are related to most, well, and actually probably all industries that any of us are in. The answer to that is a whole lot of both. We're going to cover topics like how to use the auditing features that are found within SQL Server, how to establish good sound encryption including capabilities that are new to SQL Server such as the 2016 release of the always encrypted approach, how SQL server manages the different principles, and groups, and logical organizations of objects within a database instance, and we're also going to cover a lot about how to show that you are doing these up to a professional standard during an audit process. So now matter what standard you have to comply with or what your role is in database administration or SQL Server security, I can guarantee that there is some valuable information in this course for you.

You're the smartest person in the room

PROVE IT

Your team won't just close the skills gap

THEY'LL HURDLE IT