Learning Guide

Learning Guide: SQL Server security

  SQL Server is known for its ease-of-use and that characteristic is one reason why more and more businesses are choosing Microsoft's DBMS for large-scale implementations. But the default settings that make SQL Server so easy to set up can leave the doors open,

    Requires Free Membership to View

making it an easy target. This learning guide can help you identify those problem areas and secure your SQL Server systems.


   Learn from past mistakes
   SQL Server security best practices
   Some how-tos
   Keep current on updates and patches
   Learn from hackers


  Learn from past mistakes  Return to Table of Contents

The Slammer worm of 2003 provided an apt demonstration of what happens when security vulnerabilities are left unattended. The attack also revealed weaknesses in networks, such as unprotected remote users connecting to company VPNs. But it doesn't take a major Internet worm to reveal weaknesses in your system. Some common mistakes in configuration include leaving the default public permissions as is, not changing the system administrator password to something difficult and allowing too many users too many privileges.


  SQL Server security best practices  Return to Table of Contents

In simple terms, securing SQL Server means controlling access to the database and keeping current on all updates and patches. The hard part is implementing the rules and processes to do so. These guidelines can help you formulate a plan.


  Some how-tos  Return to Table of Contents

Knowing what to do is different from knowing how to do it. Here are a few real-world examples of how to implement secure practices with everyday SQL Server use.


  Keep current on updates and patches  Return to Table of Contents

Once you've covered your system, your job isn't done. New vulnerabilities will be discovered and will be exploited. Keep up to date on security bulletins and available patches. Microsoft offers these sites to learn about and report vulnerabilities, and download the necessary patches.


  Learn from hackers  Return to Table of Contents

Be proactive in your SQL Server security practices. Figure out how to hack your system before someone else does. Here are a few lessons on how hackers hack.


This was first published in February 2005

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: