Featured Client

State of CA Victims Compensation Board

MCC provided ASP.NET design and development services to the State of California.

Company News

You Found Us; Who can Find You?

Virtually all Internet Marketing Companies require 100% of their fees without sharing any of the risk of non-performance. They ask you, the client, to take all the risk. Huge Magnet changes this imbalance by offering Pay for Performance SEO or Contingent Fee SEO.

MCC Hires 7 staff in 6 Months

We're growing and hiring. Can great service really set you apart? Our customers vote with their budgets.

SharePoint 2010 MasterPages

SharePoint Consultants. MCC has been a leader in SharePoint consulting services since 2003. We now have built several commercial grade SharePoint 2010 Master Pages that we are releasing for free. There is no catch. We can also build custom master pages for any organization with unique design requirements.

SQL Injection Attack Prevention - SQL Server Security Audit

How to secure SQL Server databases from SQL injection
There are a few ways to protect your database against these kinds of attacks. First we need to lock down the database security using database security best practices. This involves setting up the database security with the lowest set of permissions possible. It also includes not using any table-level access to the tables. All access to the tables should be done through stored procedures, and those stored procedures should not include any dynamic SQL

By removing access to the table objects you greatly reduce the surface that can be attacked. However, this is not the only thing that must be done. The stored procedures still present an attack vector that can be exploited. While this attack vector takes more time to exploit, it is possible to exploit the database using your stored procedures -- they're designed to insert, update and delete data from your database. A clever hacker can use your own stored procedures against you.

This is where your application developers need to work with you to ensure the code being executed against the database is secure. Without securing the application layer against SQL injection attacks, all bets are off. The data, as it comes into the database, is basically impossible to validate within the database. It needs to be validated at the application layer.

Without properly securing your website's front-end application and back-end database fully, you leave yourself wide open to SQL Injection attacks. These attacks can be as unintrusive as seeing if it's possible and as intrusive as sending all your customer data to the attacker. Destruction could reach levels of all data being deleted or your site and application being used to distribute a virus to unsuspecting customers. In the short term, this would infect your customers' computer; in the long term, your company could be added to an unsafe browsing list.

MCC's SQL Server DBA's are capable of reviewing code and SQL Server's configuration to assess for SQL Injection and other vulnerabilities. Remedies that we can advise or perform include:

Audit of source code and SQL Server
Rewriting .NET application code and SQL Server Objects that previously dynamically built SQL executable strings, into using parameterized SQL Server Stored Procedures
Locking down SQL Server via Surface Area Configuration
Limiting the access of SQL Server service accounts
Setting permissions within SQL Server

The SQL Server consultants at Miles Consulting Corp are ready to assist you in securing your SQL Server database from SQL Injection and other attacks.

SQL Injection and SQL Server Related Services

Security Related Consulting Services

We are a managed services provider offering IT Outsourcing, networking and software development. Our firm provides service in Sacramento, the San Francisco Bay Area, Silicon Valley, San Jose, Los Angeles, Orange County, and Las Vegas. Our infrastructure engineers and software architects provide networking and web application solutions to small businesses as well as enterprise clients. Our Microsoft certified consultants provide technical support onsite, emergency support, and consulting on business continuity and disaster recovery. Our core competencies include Microsoft CRM customization, Microsoft Exchange consulting, Cisco consulting, SharePoint consulting, Windows consulting, Outsourced Remote Help Desk, data center consulting, .NET consultants, and Cloud Consultants.

	Microsoft CRM , Dynamics CRM Certified Consultants - Microsoft CRM Consulting
	Microsoft Exchange Support, Exchange 2010 Consulting, Exchange Server Migration, Exchange Server Support - Exchange Server Consultants
	IT Consulting Firm, Network Consulting Firm, Network Support, Remote Help Desk
	IT Consulting
	SharePoint Upgrade, Customizing SharePoint, Certified SharePoint Consultants - SharePoint Consultants
	Microsoft Virtualization Consultants, Server Virtualization Firm, Virtual Server Experts - HyperV Consulting
	IT Managed Services, Outsourced IT, Managed Services Provider - IT Managed Services Firm
	MS Windows Server Experts, Support, Windows Server Consulting Firm - Microsoft Windows 2008 Consulting
	Cisco Certified Network Associates, CCNAs, CCSPs, ASA, PIX, Cisco Router, Cisco IOS Experts, PIX;- Cisco Consulting
	IT Outsourcing, On-Site Computer Support, Outsourced IT, On-Call Tech Support
	Computer Networking, Network Support Firm, Windows Network Experts, Technical Support, On-Site and Remote Help Desk - Network Support
	VMWare Support, Server Virtualization Consultants, Server Consolidation, Hyper-V versus VMWare
	Colocation Planning, Data Center Needs Assessment - Data Center Consultants - Cloud Migration Consulting
	Network Penetration Testing, IT Security Audit, Computer Security Consultants, Windows Network Security Protection - Network Security Firm
	.NET Architects, Service Oriented Architecture, ASP.NET Consultants, C#, VB.NET, .NET Framework - .NET Consulting
	IT Staffing Firm, IT Recruiter, Technical Recruiting, Tech Staffing - IT Staffing
	Disaster Recovery Firm, Disaster Recovery Consultants, DR Solutions - Disaster Recovery Consulting
	Non Profit Discounted IT-Consulting to 501c3 Organizations - Non-Profit Discount
	Microsoft Certified Consultants, Microsoft Experts - Microsoft Gold Certified Partner
	.NET Software Development, Microsoft Certified Solution Developers, .NET architecture and development, Requirements management, Website architecture, User interface design, Database design, SQL Server performance tuning, SQL Server Reporting Service, XML Web Services, Web development using ASP.NET, Software development with VB.NET and C#, Microsoft "Click Once" application development, E-Commerce development, User support & ongoing maintenance, Mentoring with your existing staff, Software Testing & QA - .NET Development
	Colocation Consulting, Data Center Migration Specialists - Colocation Consultants
	Silicon Valley IT Consultants, Orange County Computer Consultants, Oakland IT Consultants, Sacramento IT Consultants, Las Vegas IT Consultants, San Francisco IT Consultants, San Jose IT Consultants, Los Angeles IT Consultants, San Diego IT Consultants, Reno IT Consultants, Irvine IT Consultants, Long Beach IT Consultants, Stockton IT Consultants, Colorado IT Consultants, Seattle Network Consulting, Hawaii IT Consultants