#42-Auditing Database Permissions in SQL Server

Report Builder
Speaker: K. Brian Kelley

Add To Outlook: Add To Calendar

Date and Time: 11/4/2010 11:30:00 AM CST

BIO: Brian is a SQL Server author, columnist, and Microsoft MVP focusing primarily on SQL Server security. He is a contributing author for How to Cheat at Securing SQL Server 2005 (Syngress) and Professional SQL Server 2008 Administration (Wrox). Brian currently serves as a database administrator / architect for AgFirst Farm Credit Bank where he can concentrate on his passion: SQL Server. He previously was a systems and security architect for AgFirst Farm Credit Bank where he worked on Active Directory, Windows security, VMware, and Citrix. In the technical community, Brian is president of the Midlands PASS Chapter, an official chapter of PASS. Brian is also a junior high youth minister at Spears Creek Baptist Church in Elgin, SC.

Topic: #42-Auditing Database Permissions in SQL Server
Invariably, the dreaded auditors will come knocking at your door wanting to know who can do what in a database. Knee deep in other initiatives, the last thing you want to do is parcel out the time required to answer their requests and the follow-on questions they're likely to have. However, you know that this these are requests you can't refuse and you resign yourself to your fate. In this presentation, Certified Information Systems Auditor (CISA) and Microsoft SQL Server MVP K. Brian Kelley will cover what to audit, how to audit it quickly and efficiently, and the gotchas to look out for when it comes to compiling and reporting database permissions in SQL Server. Coverage of the security catalog views to use in SQL Server 2005/2008 as well as capturing implicit permissions will be focused on.