One of your top priorities as a DBA (maybe the top priority) is to secure your SQL Servers, the home to your customer details, human resources data and all business-critical information. You must not only protect SQL Server against external threats, but the much-more-common internal threats -- and the measures you take to control access will go a long way in achieving that. This guide will walk you through key tips and expert advice to help you control internal and external access to SQL Server, and it will highlight access control enhancements in SQL Server 2005.
|Controlling internal access||Return to Table of Contents|
- Hiding SQL Server
If you're running SQL Server in an environment where you don't want computers to access it, you must hide the instance from network discovery.
- Access SQL Server securely using Windows domain accounts
Windows domain accounts offer the most secure access to SQL Server. Find out why and how to use Windows authentication to defend against hackers.
- Change privilege levels for SQL Server 2000 services
SQL Server 2000 users can access OS features in accounts where the server process runs, which makes the database vulnerable to attackers unless you change the privileges.
- Which user is logged into which database
Get help tracking (in SQL Server itself) which SQL Server users are currently logged in and which database(s) they are accessing.
|Controlling external access||Return to Table of Contents|
- Hacker's-eye view of SQL Server
Hackers can devastate your SQL Server workflow and cripple your company's business. Learn the four primary methods used to hack into SQL Server.
- Use SQLPing to prevent outside access
Make sure no listening ports are open for public access on your SQL Server machines -- or you could be relaying sensitive database information to the outside world.
- Securely sharing access to SQL Server
Get a secure way to share access to a physical SQL Server running multiple databases.
|SQL Server 2005 access control||Return to Table of Contents|
- Granting permissions in SQL Server 2005
New security features in SQL Server 2005 make it easier to manage and grant permissions on a more granular basis. Get an overview of new features and functions.
- Top 10 security enhancements in SQL Server 2005
Here is a high-level list, in no particular order, of perhaps the 10 most significant security enhancements in SQL Server 2005.
- SQL Server password policies and credentials
In addition to new security features related to .NET managed code, other new security features will help you tighten authentication through SQL Server logins.
- Permissions, visibility, UDTs and user-defined aggregates
A user-defined type must be defined in the SQL Server catalog to be visible to SQL Server stored procedure, then users need the appropriate permission to invoke it.
|Additional security resources||Return to Table of Contents|
- SQL Server Security Learning Guide
From authentication to encryption, get up to speed on SQL Server security techniques.
- SQL Server Security School
Take a class in SQL Server security.
- Topics: Security
Research security best practices in this topics section.