SQL Server database security

SQL Server database security is as important to a customer as ensuring their servers don't encounter any downtime. These tools will help keep your customer's database secure.

Hilary Cotter
Published: 30 May 2007

What database security services should I offer my SQL Server customers and how often should I test them for security flaws?

VARs can offer database clients two classes of security services:

Monitoring services
Best practices analysis

Important monitoring services include the following:

Intrusion detection -- SQL Injection or buffer overflow attacks like SQL Slammer.
Unauthorized object access as part of the larger umbrella of Sarbanes Oxley compliance.
Destructive DDL commands -- drop table statements.
Account rights escalation – guest role account enabling, or adding a low privileged user account to the sysadmin role.

As new exploits are discovered, continuous threat analysis is an important service for a VAR to offer.

Best practices analysis can include the following:

Checks for weak or no passwords.
Scans to ensure that all accounts are running under the least privileges.
Locking down of xp_cmdshell and other features which may expose your SQL Servers to exploits.
limiting use of the guest account and the sysadmin role.

Dig Deeper on Database software management

All
News
Get Started
Evaluate
Manage
Problem Solve

Related Q&A from Hilary Cotter

Why should service providers pay attention to SOA?

SOA depicts how two services or programs can communicate with each other. Learn why SOA should catch the attention of service providers and the ... Continue Reading

When should a client use XP SP3 rather than upgrading to Vista or another OS?

Learn the new components of Windows XP SP3 including black hole router detection and network access protection. Compare XP SP3 features to Vista and ... Continue Reading

Why would I recommend Oracle VM to a client instead of Hyper-V or VMware?

Learn why Oracle VM would be chosen over Hyper-V or VMware and read an expert's recommendations for implementing Oracle VM. Continue Reading

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

Meet all of our IT Channel experts

View all IT Channel questions and answers

MicroscopeUK

Summer the ideal time to talk about data protection plans

As customers enjoy a slower pace of life over the summer holidays those in the channel with security and storage expertise could ...

Cogeco Peer 1 shows adaptability with rebranding

Hosting specialist will become Aptum Technologies as it looks to chart a fresh course under the ownership of Digital Colony

IT Lab acquires Mirus IT

Managed services player with a focus on Microsoft takes revenues past the £75m mark with a move to pick up Mirus

SearchSecurity

Texas ransomware attack hits 22 municipalities, demands $2.5M

Ransomware attacks hit 22 municipalities around Texas, most of which appear to be smaller local governments, but the details ...

KNOB attack puts all Bluetooth devices at risk

Security researchers discovered a way to force Bluetooth devices to use easy-to-crack encryption keys, which could lead to ...

New network traffic analysis tools focus on security

Companies have used traffic data analytics to improve bandwidth and network performance. Now, though, a new class of tools taps ...

SearchStorage

Tintri by DDN, Nexenta collaboration bears first fruits

Tintri and Nexenta were acquired in separate transactions by DDN. The Nexenta software-defined storage provides shared file ...

New end-to-end NetApp NVMe product announced

NetApp's new EF600 series delivers 2 million sustained IOPS, response times under 100 microseconds and 44 GBps of throughput ...

3 key unstructured data storage challenges and how to resolve them

Volume, variety and value make storing unstructured data difficult. We look at how some vendors are helping enterprises get ...

SearchNetworking

The top 5 capabilities your edge infrastructure should have

The network edge plays a vital role in the future of networking and digital transformation. Make sure your infrastructure has ...

VMware acquisition of Veriflow to bolster vRealize platform

The VMware acquisition of Veriflow is expected to help vRealize users determine the integrity of a network design before it goes ...

Top enterprise network challenges include agility, product hype

Product hype and network agility are some of the primary network challenges for modern enterprises, according to networking ...

SearchCloudComputing

VMware acquisition of Intrinsic denotes bigger strategic plan

VMware has acquired Intrinsic, a maker of virtualization technology that secures Node.js applications on serverless environments ...

Oracle's IaaS, cloud database in the spotlight at OpenWorld

This year's Oracle OpenWorld should provide answers for customers eager to understand its plans for IaaS, cloud databases, AI and...

Assess the pros and cons of citizen developers in the enterprise

When it comes to citizen developers and no-code/low-code, there really is no one-size-fits-all approach. Determine their value, ...

SearchDataManagement

GDPR, AI intensify privacy and data protection compliance demands

This guide covers the challenges data management teams face on data protection and privacy, particularly with the rise of GDPR ...

SnapLogic boosts its data integration technology with AI

SnapLogic's latest update for its Intelligent Integration Platform aims to make it easier for users to benefit from data ...

DigitalOcean Managed Databases add MySQL, Redis support

Expanding its database management system offerings, cloud computing vendor DigitalOcean added Managed Databases support for MySQL...

SearchBusinessAnalytics

5 augmented analytics examples in the enterprise

Here are the top examples of augmented analytics uses that BI vendors support and enable, including data preparation, NLP-based ...

Phocas BI tool proves its value for manufacturers, wholesalers

With its focus on the manufacturing and wholesale distribution industries, Phocas Software has carved out a niche for itself ...

The Salesforce acquisition of Tableau complements Einstein Analytics

Given the different strengths of Salesforce's Einstein Analytics platform and Tableau, the BI tools could prove complementary now...

Dig Deeper on Database software management

Related Q&A from Hilary Cotter

Have a question for an expert?

Start the conversation

0 comments

Register

Login

Forgot your password?

Your password has been sent to:

Please create a username to comment.