Encourage. Energize. Empower.

There is no tool for development more effective than the empowerment of women.  – Kofi Annan

In the above quote, Secretary Annan was referring to women in developing nations.  However, it’s just as apt a description of women in technology. 
Encourage. Energize. Empower.  Those are pretty tall orders. The YOU is implied. How about we imply instead that it’s WE? As working women with a voice,  WE need to support each other. WE need to encourage each other to try harder, to reach farther and to stand taller. WE need to energize each other when we’re tired, when we stumble and when we need to rest. 
Where should you start? How about right here?  Here is a great place to start. 
We’ll do it together.

Securing a SQL Server Checklist

Tue, Jun 07 2016 16:00 UTC

Securing a SQL Server Checklist

The session will cover DBA's Checklist Compliance 101 - with the examples of the compliance rules of several industries and the logic behind them. We will go over the protection mechanisms available to every DBA - as they relate to the compliance rules. We will introduce initial ten steps for the security and privacy compliance policies, and will do hands-on examples as applicable. 1. install firewall - and what it means for the DBAs. DMZ - or how do you move data across "zones" safely? '2. passwords policies - at the minimum, change vendors defaults here I will give some introduction into WHY, introduce ISO - and show them how to do policies and how to protect password to different security levels. 3. protect data on disk here I will explain the encryption and masking and what protects against whom, again - will do some examples - basic ones. This section will also talk about how to identify sensitive data - and what to encrypt and how, and what to mask and how. HIPAA's safe harbor as part of privacy rule, and HIPAA's security rule, PCI DSS removal of card numbers, cv2, etc. Here also I will cover password encryption in SQL. Examples will follow - as simple as how to create keys and encrypt the column to the level of complexity you require. 4. protect data in- transit ( this is not a db task, will just mention it) 5. anti-virus software - this is not per se db task, but often might interrupt database operations - it happened before. Will just let them know to check it. 6. develop secure systems - this is where sql injection and use of stored procedures comes in place. I can talk about diff sql injections - a little bit of hands -on 7. identity management as extension of #3 and #6 8. monitor access to network and database activities ( for Fraud detection) 9. preparedness tests of security - Create "false alarms" 10.Make the above a policy with document and mandatory class.

Virginia Mushkatbat

Virginia Mushkatblat is currently a founder of Hush-Hush, a data masking company. She wrote her first computer program at the age of 14 and has been in technology ever since, progressively rising through the ranks and trying on different hats including database architecture, development, security and operations. She has worked for Startups and Fortune 100 companies in finance, entertainment, e-commerce, internet advertisement, manufacturing, and communications industries and dealt with both heavily transactional and BI applications.She holds B.S. and Masters Degrees in Engineering and in Computer Science, originated a couple of patents, and currently teaches databases and multimedia to graduating seniors in CSUN, her Alma Mater.

Webinar Links

SQL Saturday WIT Events

Is your SQL Saturday organizing a PASS WIT panel session?  If so, let us know! Has your SQL Saturday team recently hosted a PASS WIT Panel session? Share your pictures, thoughts and experience with us! Email us at wit@pass.org

Upcoming Events:

Many upcoming SQLSaturday events will feature Women in Technology panels or discussions. Check out our calendar for details.

Back to Top