Problem solve Get help with specific problems with your technologies, process and projects.

SQL Server database security

SQL Server database security is as important to a customer as ensuring their servers don't encounter any downtime. These tools will help keep your customer's database secure.

What database security services should I offer my SQL Server customers and how often should I test them for security flaws?

VARs can offer database clients two classes of security services:

  • Monitoring services
  • Best practices analysis

Important monitoring services include the following:

  1. Intrusion detection -- SQL Injection or buffer overflow attacks like SQL Slammer.
  2. Unauthorized object access as part of the larger umbrella of Sarbanes Oxley compliance.
  3. Destructive DDL commands -- drop table statements.
  4. Account rights escalation – guest role account enabling, or adding a low privileged user account to the sysadmin role.

As new exploits are discovered, continuous threat analysis is an important service for a VAR to offer.

Best practices analysis can include the following:

  1. Checks for weak or no passwords.
  2. Scans to ensure that all accounts are running under the least privileges.
  3. Locking down of xp_cmdshell and other features which may expose your SQL Servers to exploits.
  4. limiting use of the guest account and the sysadmin role.
This was last published in May 2007

Dig Deeper on Database Management Products and Solutions



Find more PRO+ content and other member only offers, here.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.