Google Cloud Security Best Practices

Many businesses employ powerful cloud platforms such as Google Cloud to store company data – spreadsheets, documents, databases, images, applications, software and much more. But some businesses contemplating Google Cloud Platform wonder: Is Google Cloud safe? Is data stored in Google Cloud secure?

The answers to these questions appear to be “yes,” as long as companies take extra steps to make certain that data won’t be compromised. Below are some Google Cloud security best practices that business leaders should be aware of when working with their teams to ensure the security of company information.

Why Use Google Cloud?

As might be expected, Google has put a lot of resources into making Google Cloud a state-of-the-art storage platform. Unlike some upstart cloud providers, Google Cloud has evolved a reputation for quality data storage performance. Accessible anywhere in the world, Google Cloud claims to be “cost-effective and constantly improving.” It delivers all the high-performance infrastructure companies need for storage of their data.

Google Cloud also includes powerful tools for analyzing big data. Companies generate all kinds of data that can be useful in tracking business transactions, identifying customer or client trends, pinpointing inefficiencies in systems, and making informed decisions on the future of the business. Google Cloud’s customizable business intelligence (BI) analytics can propel businesses to greater success.

Keeping Google Cloud Secure

Along with Google Cloud’s respectable track record comes a commitment to security. Google works strenuously to ensure that data stored in Google Cloud is protected from intrusions. Although a public cloud platform has inherent security risks that a more expensive private cloud would not, Google nevertheless understands that the security of company data must be a major concern of any cloud platform.
While Google is doing its part in keeping data protected, security is a shared responsibility. Here are some Google Cloud security best practices companies should take into account:

Data Classification. Data has different degrees of sensitivity. Classifying data allows companies to categorize any data that should be restricted from wider distribution or otherwise confined to certain user groups. This is especially critical for data containing private information that could identify a specific individual, whether an employee or a customer.

Access Control. Companies are responsible for controlling access to data. It’s important to set user permissions at the project and application levels. This includes preventing end users from sharing critical information outside the corporate network or public cloud infrastructure.

Password Protection. Insisting that users have strong passwords is always a security best practice, especially when working in the cloud. Passwords should be as unpredictable and as random as possible. Two-factor authentication solutions (such as a password and token, password and emailed code, password and fingerprint) make it even harder for attackers to gain control of an account.

Data Encryption. Encrypting data is essential for creating a secure working environment. This is especially important when transferring data into or out of the cloud. Employing strong encryption, at all phases of data management, makes it more unlikely that data will be compromised.

Vulnerability Testing. It’s also important that data environments be routinely checked for vulnerability. Vulnerability assessment and penetration testing (VAPT) look for code flaws and application leaks that might make data insecure. If a vulnerability is found, it should be reported to Google via the Vulnerability Reward Program.

Security Sharing with Consultants. When hiring cloud platform consultants, companies should look for ones that takes security and privacy seriously. Any third-party vendor that handles business information should have the highest certification available when it comes to security processes.

At RDX, security is of paramount importance. Although we don’t store or process any data for our customers, we adhere to one of the most comprehensive security and privacy frameworks in the IT industry and have audited every security control possible within our organization. We reduce the risk of business disruption by leveraging RDX’s expertise and controls – which includes SSAE16, AICPA SOC 2 and PCI DSS compliance – ensuring the security, availability, integrity, confidentiality and privacy of data and transactions. You don’t become the #1 provider and pioneer of remote DBA services without paying close attention to data security.

ICYMI- RDX Insights Webinar: Microsoft SQL Azure Overview & Demo

This month, RDX’s VP of Delivery Strategies and Technologies, Chris Foot, and RDX Azure Expert, Jim Donahoe, teamed up to present Microsoft SQL Azure Overview and Demo.

During the webinar, Chris and Jim took a deeper look at some of Azure SQL DB’s most popular and interesting features in addition to how the product differs from its on-premises and IaaS counterparts. They also covered a wide range of topics from purchasing and provisioning to geo-replication, sharding and advanced automations.

The presentation concluded with a demo from Jim explaining how to:

  • Deploy a DBaaS instance
  • Configure a DBaaS firewall
  • Configure resource locks
  • Use Query Performance Insights(QPI) to analyze DBaaS workloads
  • Perform failover group configurations and use cases

If you missed yesterday’s webinar, you can view a copy of the slides on SlideShare.

You can also get access to the live recording of the presentation here.


Join our mailing list for updates about future RDX Insights Series presentations by emailing

What Is a Strong Password?

It goes without saying that the security of any company’s business information is of primary importance. Whether or not sensitive customer information is actually stolen, any breach in company data makes security appear weak, can scare away customers and may eventually lead to a company’s demise.

Most systems and applications dictate what the minimum security standards are; one system might simply require 8 alphanumeric characters while others may require longer ones with additional parameters, such as the inclusion both upper and lower-case letters and the forced exclusion of publicly available personal data, such as a user’s name.

Oftentimes, a person’s password strength will conform to the minimum standards required.

There are many security measures a company can take to protect the business against information attacks. One such measure lies within control of every individual user: password security. Regardless of whatever the minimum standards of a system are, individuals should strive to create the most secure passwords they can. Here’s some password advice from experts in the field.

What Most People Think Is a Strong Password (Really Isn’t)

Password security has been a business priority for a long time. Users are instructed to generate passwords that would be difficult to hack. But just how strong are those passwords?

Some experts believe it hardly matters. They argue that hacking software has become so sophisticated that it can decode pretty much any password users create. There have been instances, too, where businesses have required users to maintain complex passwords only to have hackers break in and steal a list of the company’s passwords that was never encrypted on the server.

These skeptical experts advise businesses to instead put more of their energies into locking down systems, strengthening firewalls, encrypting data, employing two-factor authentication and putting clear procedures in place that prevent hackers from getting in and information from getting out. While these are all best practices businesses should definitely follow, other experts continue to believe in the importance of password protection as a central way to safeguard business information.

Why Passwords Fail

What makes a weak password? Passwords fail for any number of reasons, but the most common one is that they’re too predictable. Anytime users include familiar words or phrases or identifiable numbers, the password has a good chance of being hacked. Using a street name and house number, for example, would be like putting the welcome mat out for hackers. Same with using surnames, maiden names, parents’ names, kids’ names, pet names or any number of other recognizable monikers.

It’s not that hackers know who users are and where they live, but the algorithms they employ to break into systems are very good at guessing. Hackers can process password attempts automatically and at lightning speeds. Without strong passwords, companies might as well just give away their information.

What Is a Strong Password?

For better password security, users should take into account all of the following:

1. A strong password should be at least 12-16 characters in length – the longer the better.

2. It should be a combination of upper- and lower-case letters, numbers and special characters.

3. It should include unrecognizable strings of letters (i.e., words not found in the dictionary). Foreign or nonsense words can be useful. It’s not enough to simply replace letters in common words with special characters. “$pring&$ummer,” for example, wouldn’t be very strong.

4. Mix it up as much as possible. The more random the better. The problem with random passwords is that they’re hard for users to remember. One solution is for users to create unusual acronyms only they would know. For example, take the phrase “My parents live at 445 N. Locust Street in Elizabethtown, Pennsylvania.” The password version of this might be: “Mpl@445N.LSinE,PA” – a strong password.

5. Avoid using the same password in many different places. Again, users have trouble remembering lots of different passwords and tend to rely on a few choice ones. Hackers know this and will try to exploit it. One solution is to use a password manager service. A password manager will create a strong password for each application and then store it in encrypted language. The user needs to remember only one password (hopefully a strong one) that tells the password manager to unlock or log into any application.

Business leaders should ensure that their company employs best practices in preventing data breaches. That includes procedures for designating strong passwords that stymie hackers.

At RDX, security is of paramount importance. Although we don’t store or process any data for our customers, we adhere to one of the most comprehensive security and privacy frameworks in the IT industry and have audited every security control possible within our organization. You don’t become the #1 provider and pioneer of remote DBA services without paying close attention to security issues, especially as they evolve in the future.

Business Intelligence Trends That Will Impact Your Business

The future of business intelligence (BI) promises better access to information, more ways to analyze data and make decisions, and superior methods of reporting results to managers and stakeholders. A modernized, robust BI platform can mean the difference between a company lagging behind or leading the pack. Medium and small-sized businesses especially are joining the BI revolution.

Here are a number of the latest business intelligence trends that may impact a company’s ability to attract and keep customers or clients, while ensuring the smoothest possible operation of the business:

1. Data Discovery Tools. One BI trend sure to be on the radar of every business is data discovery. Data discovery steers business leaders toward new ways of seeing and analyzing company data.

As data becomes more complex, it makes better sense to show it in more interactive and visual presentations. Text and tables of hard-to-consume data are being replaced by charts and graphs that can be flexed and manipulated. These new interactive visualization tools enable decision-makers to see major business trends and to spot problematic issues more quickly.

2. Self-service Business Intelligence. It used to be that when company decision-makers wanted to see business data, they would have to request it from the IT or finance departments. What the decision-maker received may or may not have been useful to them. With self-service BI, business leaders can get instant access to customizable data wherever they are.

More and more, business leaders appreciate the ability to analyze and act on data right at their fingertips. Users can modify their own dashboards, design their own queries, customize their own models, create their own reports and take advantage of other functionality without involving IT or finance staff.

3. Predictive Analytics. Business forecasting has always been important, but taking some of the guesswork out of forecasting can pay off big time for businesses. Predictive analytics is a BI trend that examines complex enterprise data and makes assumptions and projections on future probabilities.

Predictive analytics has many uses when it comes to BI, including: determining the value of prospects and customers; forecasting price, sales and demand; predicting machine failures; and monitoring and evaluating social media. By using predictive analytics, business leaders can better understand the inefficiencies or strengths of their companies and improve future company performance.

4. Data Quality Management. We’ve all heard the prophetic adage “garbage in, garbage out.” This is especially true for BI. Without reliable, accessible and coherent data, BI might produce false assumptions and spawn poor decisions that harm the company.

Data quality management uses a number of parameters to ensure the integrity of information. These include: completeness, accuracy, validity, uniqueness, consistency and timeliness. Managing the quality of data is vitally important to making the right company decisions and optimizing success.

5. Cloud Analytics. While many businesses already use cloud solutions for data storage, the cloud also provides incredible opportunities for analyzing business information. Employing cloud-based data analytics offers companies up-to-the-minute technology without having to develop expensive in-house expertise.

A cloud BI system can be implemented within a very short time frame and at significantly lower costs than an in-house BI platform. It requires no additional hardware purchases or IT resources, and future costs are much easier to predict. Some businesses have been reluctant to embrace the cloud, but recent improvements in security and infrastructure has virtually wiped out any concerns businesses may have had in that respect.

With BI becoming increasingly important to business success, RDX is committed to helping businesses gain a competitive advantage by providing the expertise, services and scale they need to maximize the value of their BI. Since our inception in 1994, our remote DBA services have helped hundreds of companies improve the quality of their database environments while reducing the costs associated with on-site database management.

We also help clients leverage Microsoft’s industry-leading BI Product Suite (SSIS, SSAS, SSRS) and Power BI, enabling them to turn raw data into revenue. Our customized, scalable Microsoft BI solutions allow companies to unlock the power of data to delight customers, drive differentiation and make better, faster business decisions. It’s why we’re the #1 provider and pioneer of remote DBA services.

ICYMI- Microsoft Business Intelligence Overview and Power BI Demo

October’s RDX Insights Series presentation was an updated version of May’s Microsoft Business Intelligence Overview and Power BI demo. This month, RDX’s VP of Delivery Strategies and Technologies, Chris Foot, and Product Manager of Business Intelligence and Data Warehousing, Jeremy Frye, teamed up to present:

    An overview of the Microsoft BI product suite
    Advantages of using Microsoft’s BI products
    A Power BI demo and how it integrates with SSIS/SSAS/SSRS
    How to use Power BI to capture, model, transform and analyze key business metrics

If you missed this presentation, you can view and download a copy of the slides on SlideShare.

You can also view our video recording below:

Next month’s RDX Insights Series presentation will be a Microsoft SQL Azure Overview and Demo. We’ll discuss the monitoring, performance, security and availability features available within Azure in addition to how Azure environments differ from their on-premises counterparts. The presentation will conclude with an Azure demo from one of our SQL Server Azure experts, Jim Donahoe.
You can join our mailing list for updates about future RDX Insights Series presentations by emailing

ICYMI- RDX Insights Webinar- Secrets for Successful Regulatory Compliance Projects

Check out RDX’s September RDX Insights Series webinar, Secrets for Successful Regulatory Compliance Projects. This month we teamed up with industry-leading auditing and compliance firm, MegaplanIT, to present an overview of the most popular industry standards and regulatory requirements available and a deeper dive into AICPA SOC 1, SOC 2 and PCI compliance. We also featured a case study of RDX’s PCI and AICPA SOC 1 and SOC 2 compliance projects to provide attendees with a set of implementation and ongoing adherence best practices.

Check it out to learn which industry standard is best suited for your business needs:

A copy of the presentation can also be viewed on SlideShare.

Next month’s RDX Insights Series presentation will be an encore of May’s Microsoft Business Intelligence Overview and Power BI Demo. We provide an overview of Power BI, SSIS, SSAS and SSRS and how the products integrate with each other. The webinar continues with a detailed discussion on how to use Power BI to capture, model, transform, analyze and visualize key business metrics. We’ll finish with a Power BI demo by RDX BI Team Manager, Jeremy Frye, who will highlight some of its most beneficial and interesting features.

If you are interested in signing up for October’s presentation, please email

RDX Shows Commitment to Helping Veterans Find Jobs at Pittsburgh Career Fair

One of RDX’s highest priorities is ensuring that our customers’ environments are being administered by the best database and operating system specialists in the country. Because of our continued growth, we have to recruit new talent frequently. We are also committed to helping those who fought for our country find sustainable careers after they complete their military duties. RDX currently has several veterans on staff that have all provided valuable attributes to our team. “RDX is dedicated to finding the best talent in the industry with the discipline needed to help solve our customers’ toughest challenges. We’ve been impressed with the expertise, work ethic and customer support skills our veterans on staff bring to RDX, and we are honored to participate in the furtherance of their career paths,” said RDX CEO, Buddy Flerl.

To further our mission of helping veterans succeed, RDX recently attended CareerLinks’s Pittsburgh Matchmaker 2.0 Recruitment Event, which gave local veterans Priority of Service to all vendors in attendance. “RDX is looking for hard-working, detail-oriented people who are willing to accept challenges and solve problems with professionalism. As a U.S. Army veteran, I realize that the military provides training and skill sets that develop and reinforce these character traits. When veterans leave active duty and seek to join the civilian work force, they already possess these well-developed character traits and professional skills which can give them a strong foundation to achieve early and prolonged success in nearly any career field. Most veterans are eager to prove what they’re made of and RDX recognizes that veterans are a valuable workforce resource. I feel very fortunate and proud to be a part of the RDX team,” said RDX SQL Server DBA and veteran, Michael Best.

While at the career fair, RDX met with many promising veteran candidates who are looking to jumpstart their IT careers. Due to the event’s success and the excellent support our veteran employees provide to our customer base, RDX plans to attend additional veterans-focused career fairs and extend our commitment to helping our nation’s heroes find competitively-paying jobs with advancement opportunities.

If you’re a veteran interested in learning more about openings at RDX, please contact for more information.

Azure DBaaS Alerts

At one of my previous DBA jobs, I encountered some performance issues in our Azure PaaS offering. Clients were experiencing 30-40 second login times and 10-15 second save times, which is considered poor. Of course, everybody’s first thoughts were, “THE DATABASE IS SLOW!!” After pulling up every single chart and metric I could, I finally proved to them it was not the database.
Continue reading Azure DBaaS Alerts

Configuring AzureDB DBaaS

One of the sessions I give at PASS events is about configuring your on-premises SQL instance. I have also been working with Database-as-a-Service, DBaaS, for a while now and thought it would be helpful to do a session on configuring DBaaS for beginners.  The purpose of this blog post is to list some of the things that I believe are crucial for first time deployment
Continue reading Configuring AzureDB DBaaS