Data Breaches: All Your Fault

DevOps, Redgate Software
One part of my job is to understand the compliance landscape. This means that I read a lot about the GDPR and related similar laws. I also have to read a lot about data breaches in order to understand how and where laws like the GDPR apply to them, and how they happened so that I can better prepare people through good DevOps practices to prevent them. The more I read about data breaches, the more I realize: It's You. It's your fault. Don't believe me? Let's walk through a few recent data breaches together. Passwords? We Don't Need Stinking Passwords. The Collection #1 data that represents 21 million unique email addresses and passwords for a combination of up to more than 700 million, was found by Troy Hunt... on…
Read More

Critiquing Grant Fritchey: Circa 2008

DevOps, SQL Server
For several years, I ran a regular feature on this blog, Speaker of the Month. I attend a lot of events, so I have the opportunity to hear a lot of people talk about various topics. I decided, as an attempt to help out, to call out individuals that I thought had given a great presentation. There was no other reward beyond my attempts to promote others. In addition to that promotion and praise, I did offer criticism as well. It was never intended to be hurtful or in any way negative. I was hoping to point out people that I thought were great at presenting and provide a tip or two to make them even better. Not everyone liked it. In fact, a few people were decidedly, animatedly, against…
Read More

DevOps and Automation Will Eliminate the DBA

DevOps
I've been reading about the death of the DBA ever since I first made the jump from full time developer to full time data professional. The first time I heard it was when SQL Server 7.0 was released. Did you know that SQL Server 7.0 was self-tuning? In fact, it was so self-tuning that the DBA is a relic of the past and no one will be paid for that kind of work any more. Right. So, twenty years later, several versions of SQL Server with tons of improvement from back in the day, and I'm still working (and I hope you are too). Object databases were going to eliminate the DBA. ORM tools were going to eliminate the DBA. Then of course, NoSQL absolutely eliminated the DBA. In fact,…
Read More

Databases and DevOps, Tools are the Easy Part

DevOps
Moving your database development, deployment and management into a DevOps methodology does involve choosing and implementing tools and tooling. Tools are a necessary aspect of DevOps because, one of the fundamentals of implementing a DevOps approach is automation. To automate, you need the right tools. However, tools and automation, while they represent a lot of work, are actually the easy part of the process of moving into DevOps. What's the hard part? Changing how you do things. Change is Hard One of the fundamental questions you need to learn when you start to implement a DevOps approach consists of a single word: Why. "We always manually run a script in staging prior to running it in production." Well, why? Why can't that be automated? Is there a reason that the…
Read More

SQL in the City Streamed: June 2018

DevOps, Redgate Software
Next week, Redgate Software, will be putting on SQL in the City Streamed. These events are a great way to learn about SQL Server, the Microsoft Data Platform, privacy and protection, the GDPR, and, of course, DevOps. All of that, with some great information on Redgate tools and how they can help tossed in there. Agenda Scroll down at the link and check out the agenda. We're covering a pretty wide range of topics this time. I have the keynote, and I'm not going to tell you what it's about yet. OK. I'll tell you a little. Twist my arm. I have a message about DevOps that I think is very important. When it comes to the database, we frequently think about development and deployment as nothing but change, and…
Read More

GDPR, Database Backups, and the Right to be Forgotten

DevOps
I've said it before, but it bears repeating, there is no cause for any kind of panic when it comes to the GDPR. None. There are however, a number of concerns. One of those concerns is, well, concerning. How does the right to be forgotten within the GDPR impact database backups? Let's discuss what we know. The Right To Erasure Each of the articles within the GDPR lays out a topic. Article 17 is pretty darned clear about the topic: Right to erasure ('right to be forgotten') Basically, the individuals, also known as the data subject, also known as natural persons, in short, people, can request that you remove their data from your system. The first sentence lays out the gist of the idea quite well: The data subject shall…
Read More

Buggy Whips 2.0

DevOps, Professional Development
I recently found myself rereading a very old blog post of mine, from the very beginning of this blog, discussing Buggy Whips. I'll save you the long read, I was learning new tech, it made me second guess my working assumptions, I was curious if I was manufacturing a buggy whip while watching an automobile drive by. 2008 to 2018 Well, I'm still here. In fact, Feature Driven Development has disappeared from the lexicon and the project that it was introduced to took years longer than anticipated, performed horribly, and had to have a major redesign and rework to be fundamentally functional (all after I left the old organization). So, my fears that database design was a thing of the past were just that, fears... right? Yes and no. Here…
Read More

Query Monitoring and the GDPR

DevOps
I've been reading the General Data Protection Regulation (GDPR) and discussing the ramifications of the beginning of enforcement with lots of people. The implications of it all are fascinating. The real serious issues remain primarily a business problem, with business defined solutions. However, there are technology issues that we need to think about. For example, performance metrics are going to be impacted by the GDPR. Private Data and Monitoring Queries First and foremost, let me say something I've said before. The vast majority of the focus around GDPR has to come from your business. Second, the bulk of your work and focus must be on ensuring core functionality in support of the GDPR. Third, the attack vectors and leaks for GDPR are not going to primarily be around something like…
Read More

GDPR: Your Hair Is Not On Fire

DevOps, Professional Development
Along with a lot of other people, I've been attempting to call people's attentions to the new General Data Protection Regulation (GDPR) that was created two years ago and becomes effective in May of this year. The regulation defines processes and practices around the privacy and protection of personal data of any EU citizen. While the regulation is defined by the EU, since it's applicable to the data of EU citizens, the applicability is anywhere that data may exist, even in other countries. So, the GDPR applies to you and your data if you have EU citizens data in your databases. Different countries have trade treaties in effect with the EU which will allow the EU to enforce this, even though you and your data are located somewhere else. None…
Read More

Snow, Heathrow Airport, Disaster Recovery

DevOps
I recently flew from Boston to the UK through the Heathrow airport. It just happened to be on the day that the UK got about 1.5 inches of snow (sorry, 3.8 centimetres, according to Weather Underground though, just 15mm, not sure about that). I spent a little more than four hours sitting on the runway at Heathrow before I was able to get out of the airplane. It was a frustrating and tiring experience, but it made me think about disaster recovery. Having a Disaster Recovery Plan Most of us have a Disaster Recover (DR) plan. Of course we do. Well, probably. Well, we take backups. Well, we occasionally take some backups. Well, we're pretty sure someone within the organization may have taken a backup once... somewhere... probably. Heathrow Airport…
Read More