Thomas Vandezande

In the daily life he’s a Microsoft SQL consultant at Realdolmen with the focus on performance and security. He usually grabs the opportunity to put the security topic on the table whenever a customer contacts him to design a new SQL environment. It’s his personal mission to convince SQL database owners that security should be a top priority and not ‘everybody is a sysadmin’. Every database owner convinced is another step closer to a world without data leaks.

He hopes speaking at dataMinds will provide him the opportunity of bringing that battle to a larger audience. Instead of convincing people one at a time, convince a group and hope they spread the word.

When he’s not working for Realdolmen he’s either scripting (in Powershell offcourse!) or working in his garden that provides him a special place away from stress. Other than that he enjoys everything related to the Italian culture with the main focus on food and coffee.


SQL security, where next-next finish just isn’t enough



SQL comes with a lot of security settings out of the box. Very few of them are enabled by default. We will learn how to set up and configure SQL in a secure way.
Some of the topics that will be covered:
• gMSA accounts
• Kerberos vs NTLM (Windows vs SQL auth)
• Granular rights (not everybody is a sysadmin)
• Firewall
• Hidden instance

More important, which configuration options provide you with a false idea of security:
• Putting SQL on a non-standard port
• Database encryption (in some cases)

If timing permits a live-demo or screen recording based on my following blogpost: