TITLE:
SQL Server Security in a nutshell. One day which saves your job.

ABSTRACT:
Data breach. Security Risk. The leak of the Data. Yahoo. Ashley Madison. Local Government Authority. European Union Directive. We heard those headlines almost every week, even not every week. Not - what happens? Why does it happen? Someone attack infrastructure. Someone want to steal data. Someone want to get our secrets.

Who the hell is responsible for it? General Manager? Security Officer? Windows Administrator? DBA? After data breach, this is the first question. What answer could be? It's not my fault, look somewhere else mistake. Are you confident to say this? Are you sure that you did everything which was possible to protect data under YOUR control?

On the full day training before SQLDay 2017, we will talk about security. Seriously.

PART ONE:
(morning till coffee break) {level 200}
Basics of the security. Best Practices. Worst Practices. Sharing Experience. TOP 10 OWASP. TOP 10 (or maybe just TOP 1) security issues for databases. Everything which is connected with security for databases. Principles, SWOT and Risk Analysis. Responsibility, compliance and governance rules. GRANT. ALLOW. DENY.

PART TWO:
(coffee break till lunch) {level 300}
In this module, we will focus on SQLServer on-premise, based on our knowledge from the first module. Accounts, Users, Logins, Passwords. Transparent Data Encryption or Always Encrypted or maybe Row Level Security? Location of data, operating systems (not only Windows). Source Control. BACKUP GO. RESTORE OFF.

PART THREE:
(lunch till afternoon tea) {level 300}
In this module, we will touch the sky. We will focus on Windows Azure Platform and Services. SQL Azure Database. Transparent Data Encryption, Data Masking, Key Vault and few other services and functionalities we will touch. CONNECTION TERMINATED.

PART FOUR:
(afternoon tea till evening) {level ???}
In final module we will try to find the best way (based on several factors) to make our environment, our data secure. It will be a game, it will be a challenge but after all, you will know - how secure your data are. And what you should/need to do for bringing the security of your data level up. But be aware - we will not talk only about data. We will talk about DBA too. YOU. YES, YOU!



REQUIREMENTS FOR ORGANIZER:
• desk with space
• wired connection (preferred for speaker) if not possible
• wireless connection (separated from attendees) if not possible just good connection
• please check that port 1433/1434 are open on both (speaker and attendees) networks
• wireless connection for attendees
• Desk (in class or oval/L/T style) room with place for laptops, notes with power connection
• One big wall with possible to stick big paper on the wall
• flipchart

Proposed time schedule (as almost always could be change)
• PART ONE: (morning till coffee break) {level 200} | 08:30-10:15 {105 min}
• PART TWO: (coffee break till lunch) {level 300} | 10-45:12:30 {105 min)
• PART THREE: (lunch till afternoon tea) {level 300} | 13:30-15:15 (105 min)
• PART FOUR: (afternoon tea till evening) {level ???} | 15:45-17:30 {105 min)
EXTRAS: (after hours discussions) 17:30-18:00 {30 min}