DECLARE @ServerName nvarchar(50) SET @ServerName='SQL01'; WITH CMSCTE AS ( --Anchor SELECT server_group_id, name, description, parent_id, 1 AS [Level], CAST((name) AS VARCHAR(MAX)) AS CMSPath FROM msdb.dbo.sysmanagement_shared_server_groups AS A WHERE parent_id IS NULL UNION ALL --Recursive Member SELECT B.server_group_id, B.name, B.description, B.parent_id, C.[level] + 1 AS [Level], CAST((C.CMSPath + '->' + B.Name) AS VARCHAR(MAX)) AS CMSPath FROM msdb.dbo.sysmanagement_shared_server_groups AS B JOIN CMSCTE AS C ON B.parent_id = C.server_group_id ) SELECT TOP 1 CMSPath AS 'Path in CMS' , B.name as 'Server Name', B.description AS 'Server Description', A.name AS 'Group Name', A.description AS 'Group Description' FROM CMSCTE AS A INNER JOIN msdb.dbo.sysmanagement_shared_registered_servers AS B ON A.server_group_id=B.server_group_id WHERE B.name = @ServerName ORDER BY [Level] DESC
Monday, May 16, 2022
T-SQL to find Navigation path in CMS
In large enterprises there will be huge number of SQL servers which will be registered within a Central Management Server (CMS) and times it may become difficult to find out where the server is registered atleast for new team members in the Huge pile of servers and folder structure. This query give you the path where the specified servers is registered within the CMS.
Friday, April 22, 2022
T-SQL to find Remote Server Name of the linked server
At times it happens that you might have named a linked server with a friendly name that the actual server name. As the time flies and people change in the team, it will become difficult to identify how or to where this is linked. You can find the information using the sp_linkedservers stored procedure but what if the linked server configured uses a entirely different DNS name than the actual server? The below query helps to get the Remote Server Name with few other details when run against a linked server.
DECLARE @linkedServerName varchar(100), @sql varchar(max)
SET @linkedServerName='Your Linked Server Name'
SET @sql = CONCAT('SELECT * FROM OPENQUERY([',@linkedServerName , '],
''SELECT ''''',@linkedServerName,''''' AS LinkedServerName,
@@SERVERNAME AS RemoteServerName, SUSER_SNAME() AS ConnectedWith, DB_NAME() AS DefaultDB'')')
EXEC (@sql)
Thursday, February 20, 2020
Disable Auto-Forwarding of e-Mails to external domain in Office 365
e-Mails are one of the most critical components and infrastructure of any business in the current day and age. e-Mails can bring in business as well as loss if misused. A lot of data theft can happens via e-Mails and it becomes most important to safegaurd the e-Mail infrastructure.
If a hacker gains access to a user's mailbox, they can auto-forward the user's email to an outside address and steal proprietary information.
One such step in safegaurding the data that leaks via emails is to disable the Auto-Forwarding of e-Mails to external domains.
To Disable Auto-Forwarding of e-Mails to External Domains in Office 365, Create a Transport Rule as below
If a hacker gains access to a user's mailbox, they can auto-forward the user's email to an outside address and steal proprietary information.
One such step in safegaurding the data that leaks via emails is to disable the Auto-Forwarding of e-Mails to external domains.
To Disable Auto-Forwarding of e-Mails to External Domains in Office 365, Create a Transport Rule as below
- From the Microsoft 365 admin center, Select Exchange --> Mail Flow --> Select the Rules tab --> Click on the plus sign and Choose "Create a new rule"
- Name your new rule and Select More options
- Click on the drop-down for "Apply this rule if", Select the "Recipient", and then "is external/internal"
- Select "Outside the organization" and click OK
- Click "add condition" and Click on the drop-down, Select "The message properties", then select "include the message type"
- Open the select message type drop-down, choose "Auto-forward" and click OK.
- Open the "Do the following" drop-down, select "Block the message", then choose "reject the message and include an explanation"
- Enter the message text for your explanation that you want to show to your users, then select OK.
- Scroll to the bottom and select Save
This newly created Transport Rule will now start blocking the Auto-Forwarding of e-Mails to external domains.
Friday, November 8, 2019
Importance of Identity Verification for Mobile Devices - A guest Post by Maxwell Donovan
In the world today, almost every grown-up owns a mobile phone, and more than half of them are smartphones with a lot of sensitive data. For the multitude of persons with a mobile device, data security is one of the most critical issues with using one. Whether you own an Android or IOS device, Identity verification should be part of the features you should look out for in a phone.
Security features in modern smartphones include an identity verification system that prevents unwanted entry and access into the user area. In most cases, a password is required to gain access to the phone, which can only be provided by the owner. Identity verification for mobile devices is highly essential, and it doesn't matter if you are tech-savvy or not, there are a lot of things you can do to safeguard your data from hackers.
With a password feature installed on your phone, you certainly can prevent a stranger from getting into your mobile phone, or your partner from reading your messages. And you get the assurance that you don't have to worry about losing sensitive information in a situation when your mobile device goes missing. There are different types of security features available in smartphones for use in identity verification. Some mobile devices enable fingerprint and retina scans that make it easy to lock and unlock a mobile device quickly. Some features require you to enter a passcode or draw a pattern to gain access to the phone. There is also the option of voice activation where you speak, and the voice recognition system gets to work.
Identity verification also plays a significant role in corporate security, where it helps to prevent the loss or theft of sensitive information and data. It would be easy for hackers to gain access to company profiles and records if not for security features that prevent the invasion of their privacy. Top secret government activities will also not be left out as hackers are continually crawling the web for loopholes to gather information or leverage. In the workplace, it could also help to keep customers out of employee-only areas. The use of keycards with microchips in them could prevent unwanted entry into private areas of the business.
Business owners could also benefit from the use of security systems with identity verification features that control the movement of persons inside the building. You could also get security cameras fitted with an identity verification system. It works by simply checking the faces of each person that looks into it and running it through a facial recognition system. A lot of shop owners are taking their business online, and this means that they are using their mobile devices more frequently for their business activities.
There are malware and viruses that can corrupt mobile devices from browsing online, and while security features can help to keep you safe, you should also consider the kind of defensive system you choose for your device.
One of the importance of identity verification for mobile devices is that it prevents identity theft. A single breach in your mobile device by a skilled hacker can expose your identity and sensitive information like your financial and bank details. They can also access your emails, social media handles, and health records.
There is a lot you can lose if someone should steal your identity even for a few minutes, so you should take necessary precautionary measures to prevent any form of unwanted entry into your mobile device. You can start by using a mobile device with an identity verification system as part of its security features.
About Maxwell Donovan
Maxwell Donovan is a regular writer and blogger. He works for a Conference organization. His prime errand is to discover the correct group of spectators for the conference and different business occasions. These conference and occasions are basically held at top meeting settings in India. You can find him at Facebook and Twitter or you can read this article.
Tuesday, April 9, 2019
Best Security Practice In An Era of 5G and Cloud Platforms - A guest Post by Ralf Llanasas
Greater potential brings greater security responsibilities
The real world application of 5G is bound to trigger security issues that might not be evident in labs and test beds. As 5G promises customers, businesses, and service providers unparalleled potentials, so too does it hold unparalleled security lapses that will give way to cyber-attacks.
5G will envelop a vast array of technology platforms, from mobile devices to WiFi, Bluetooth, IoT infrastructures, etc., and security provisions need to cater to all of these. The technology’s low to zero latency also improves cloud performance, driving more industries, devices, and applications to become even more cloud dependent, if not completely.
The real world application of 5G is bound to trigger security issues that might not be evident in labs and test beds. As 5G promises customers, businesses, and service providers unparalleled potentials, so too does it hold unparalleled security lapses that will give way to cyber-attacks.
5G will envelop a vast array of technology platforms, from mobile devices to WiFi, Bluetooth, IoT infrastructures, etc., and security provisions need to cater to all of these. The technology’s low to zero latency also improves cloud performance, driving more industries, devices, and applications to become even more cloud dependent, if not completely.
More applications, more loopholes
Image credit: https://www.ericsson.com/en/ericsson-technology-review/archive/2017/securing-the-cloud-with-compliance-auditing
A number of studies have recently raised red flags over 5G security gaps yet to be resolved. One such is the UK Government’s 5G Testbeds and Trials program conducted in collaboration with the University of Surrey’s 5G Innovation Center and three ongoing testbed programs -- AutoAir, 5G RuralFirst, and Worchestershire 5G.
Peter Claydon, project director of AutoAir, states that, “Since the age of 2G, mobile networks have been some of the most secure things on the planet, helped by the fact that each one is controlled by a single network operator.” He points out that this is different with 5G because the technology “opens up mobile networks allowing network operators to provide ‘slices’ of their networks to customers.” The result of such a scenario is therefore more open entry points for attacks.
In another similar study conducted by a team of researchers from the Technical University in Berlin, ETH Zurich, and SINTEF Digital Norway, it was found that 5G opens up glaring security lapses in Authentication and Key Agreement (AKA). AKA provides a security protocol used by phones to securely communicate with mobile networks. These security lapses in AKA over the 5G airwaves can allow cybercriminals to intercept calls and text messages on phones, as well as steal other sensitive data.
These studies, along with many others, have led to insights on the best security practices in an era of 5G and cloud computing. Before determining solutions, however, its best to zero in on what exactly the key challenges of 5G are.
Key security challenges
5G introduces a fundamental change in the relationship between networks, human machine interface, and end users. The key security challenges that attend such a reconfiguration include:- Exposure of critical facilities: With IoT networks woven through facilities such as power grids, elevators, door locks, water systems, autonomous vehicles, etc., 5G exposes our critical infrastructures to unprecedented risks.
- Workload migration: Migration of workloads to 5G edge-computing exposes businesses to the combined risks of endpoint computing and cloud computing, given that the businesses need to monitor thousands of computing nodes in the process.
- Hybrid computing eroding perimeters: With 5G, the idea of the perimeter as IT professionals know it, has been turned on its head. On 5G, different wireless networks will converge, and several aspects of business processes, health care, and the everyday lives of individuals will be locked into a system of hybrid computing where massive amounts of data are harvested to monitor and optimize odds and ends functionality.
Best Security Practices for the New Industrial Era
5G applications
The best way to address these security challenges is through unrelenting efforts from the onset, rather than waiting until these issues snowball into serious problems. With the lessons learned from the implementation of previous generations of wireless networks, businesses can put adequate preemptive measures in place to tackle these challenges.
The difference, though, lies in what’s going to be increasing reliance on cloud platforms and 5G’s ‘slices’ of networks phenomenon. These expose loopholes, but they can be plugged to some extent with the right security practices.
The following is a rundown of some best practices for the new industrial era, where cloud platforms have become so significant:
- Threat intelligence upgrades: This can serve both in risk mitigation and damage control. It can help prevent new attacks from recurring, and can also help prepare for threats as they evolve. It entails leveraging on Machine Learning and AI, and replacing traditional security architectures with more advanced security products.
- Segmenting networks: Businesses can mitigate the cyber security risks which their critical resources are exposed to by using effective strategies to segment devices, apps, workflow and transactions.
- Deploying compatible solutions: Putting together only solutions that are compatible with each other not only helps avoid further complications down the line, but also allows for the collection of data that can easily be used to identify and address risks across various parts of an organization.
- Reinforcing access control: With more people and devices accessing 5G airwaves, businesses need to deploy a zero-trust principle where every single request for network access is thoroughly validated and authenticated.
- Deploying MSSPs: Managed Security Service Providers (MSSP) give businesses a highly efficient and cost-effective option for outsourcing their 5G security responsibilities.
Final Words
5G and cloud computing is set to generate a new wave of innovation, taking productivity to new dimensions across various industries. The low to zero latency of the fifth generation mobile network technology enables a wide range of devices to stand alone, where previous networks caused them to remain tethered to other devices. This standalone capability is a result of cloud platforms, as most applications will be cloud dependent.
However, this also takes cyber security threats to new heights, and businesses need to embrace the prospects of 5G with cautious optimism. By implementing the best security practices outlined above, businesses can position themselves to reap the tremendous benefits of 5G without exposing their assets to a slew of cyber threats.
About Ralf Llanasas
Ralf is a technology blogger, he writes about the latest mobile phones and technology news. He currently works at Whatphone.com.au as a content manager and his writings can be seen on various technology blogs. He also loves taking pictures when free.
Subscribe to:
Posts (Atom)