Learning Guide: SQL Server security

SQL Server is known for its ease-of-use and that characteristic is one reason why more and more businesses are choosing Microsoft's DBMS for large-scale implementations. But the default settings that make SQL Server so easy to set up can leave the doors open, making it an easy target. This learning guide can help you identify those problem areas and secure your SQL Server systems.

This Content Component encountered an error

  SQL Server is known for its ease-of-use and that characteristic is one reason why more and more businesses are choosing Microsoft's DBMS for large-scale implementations. But the default settings that make SQL Server so easy to set up can leave the doors open, making it an easy target. This learning guide can help you identify those problem areas and secure your SQL Server systems.

 

TABLE OF CONTENTS
   Learn from past mistakes
   SQL Server security best practices
   Some how-tos
   Keep current on updates and patches
   Learn from hackers

 

  Learn from past mistakes  Return to Table of Contents

The Slammer worm of 2003 provided an apt demonstration of what happens when security vulnerabilities are left unattended. The attack also revealed weaknesses in networks, such as unprotected remote users connecting to company VPNs. But it doesn't take a major Internet worm to reveal weaknesses in your system. Some common mistakes in configuration include leaving the default public permissions as is, not changing the system administrator password to something difficult and allowing too many users too many privileges.

 

  SQL Server security best practices  Return to Table of Contents

In simple terms, securing SQL Server means controlling access to the database and keeping current on all updates and patches. The hard part is implementing the rules and processes to do so. These guidelines can help you formulate a plan.

 

  Some how-tos  Return to Table of Contents

Knowing what to do is different from knowing how to do it. Here are a few real-world examples of how to implement secure practices with everyday SQL Server use.

 

  Keep current on updates and patches  Return to Table of Contents

Once you've covered your system, your job isn't done. New vulnerabilities will be discovered and will be exploited. Keep up to date on security bulletins and available patches. Microsoft offers these sites to learn about and report vulnerabilities, and download the necessary patches.

 

  Learn from hackers  Return to Table of Contents

Be proactive in your SQL Server security practices. Figure out how to hack your system before someone else does. Here are a few lessons on how hackers hack.


 

This was first published in February 2005

Dig deeper on SQL Server Migration Strategies and Planning

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchBusinessAnalytics

SearchDataCenter

SearchDataManagement

SearchAWS

SearchOracle

SearchContentManagement

SearchWindowsServer

Close