The Fantastic 12 of 2012: Behind the Scenes of Organizational Security and Compliance

Welcome to the third episode of the Fantastic 12 of 2012: Behind the Scenes Blog Series, where we’re providing a unique look into some interesting stories and perspectives from members of the SQL Server Engineering Team as they developed SQL Server 2012. If you missed the previous episodes, be sure to check out Episode 1 and Episode 2.

In this week’s episode covering Organizational Security and Compliance, the ever-famous Il-Sung Lee, Senior Program Manager, talks about some of the new functionality in SQL Server 2012 and the history behind User-Defined Server Roles and how it became the first feature included in SQL Server 2012. He also talks about a unique tester he worked with and how the team would play practical jokes on him. We can only assume the tester wasn’t pleased!

Don’t forget to participate in The Fantastic 12 of #SQL2012 Twitter Contest where we’re giving away the cool new SQL Server T-Shirts that the SQL Family selected.


3 Organizational Security and Compliance
Help enable security and compliance with built-in security and IT controls

Data Protection

  • Encryption: Protect confidential information with built-in encryption capabilities, including Transparent Data Encryption, which adds advanced protection without requiring changes to the application.
  • Certifications: Maintain confidence with third-party verifications; release over release, SQL Server pursues and achieves globally recognized Common Criteria Certifications.

Control Access

  • User-Defined Server Roles: Easily manage permissions to support separation of duties.
  • Default Schema for Groups: Help increase manageability and decrease complexity of database schema by allowing a default database schema for Windows group user accounts.
  • Contained Database Authentication: Help control database access to deployed applications while improving manageability with self-contained access to information without the need for server logins.
  • Active Directory: Help secure end user data analytics with new SharePoint and Active Directory security models for end user reports published and shared in SharePoint.

Ensure Compliance

  • SQL Server Audit: Help ensure compliance related to auditing with audit resilience, filtering, user-defined audit, and enablement across all SQL Server editions.
  • Policy-Based Management: Define configuration policies and apply them to servers, databases, tables, and other targets across a server environment to help ensure policy compliance across the environment.

Stay tuned for the next episode of this series coming every Thursday through the end of June 2012.