SQL Server database security

SQL Server database security is as important to a customer as ensuring their servers don't encounter any downtime. These tools will help keep your customer's database secure.

Hilary Cotter

Published: 30 May 2007

What database security services should I offer my SQL Server customers and how often should I test them for security flaws?

VARs can offer database clients two classes of security services:

Monitoring services
Best practices analysis

Important monitoring services include the following:

Intrusion detection -- SQL Injection or buffer overflow attacks like SQL Slammer.
Unauthorized object access as part of the larger umbrella of Sarbanes Oxley compliance.
Destructive DDL commands -- drop table statements.
Account rights escalation – guest role account enabling, or adding a low privileged user account to the sysadmin role.

As new exploits are discovered, continuous threat analysis is an important service for a VAR to offer.

Best practices analysis can include the following:

Checks for weak or no passwords.
Scans to ensure that all accounts are running under the least privileges.
Locking down of xp_cmdshell and other features which may expose your SQL Servers to exploits.
limiting use of the guest account and the sysadmin role.

Dig Deeper on Database software management

Related Q&A from Hilary Cotter

What are the best SMB databases?

Discover the best basic SMB database -- and learn when it's time for your SMB clients to upgrade. Continue Reading

SQL Server capacity planning

In order for SQL Server capacity planning to be affective, resellers must plan the hardware to last the life of the server. Continue Reading

Architectural solutions to Web-based applications with large datasets for VARs

Rather than throwing hardware to configure a database to support web-based applications with large dynamic datasets, VARs can use architectural ... Continue Reading

MicroscopeUK

Sustainability is a growing part of the printing pitch

The pandemic has given many customers the chance to consider their strategy going forward

Channel roundup: Who's gone where?

Personnel moves that will interest the channel at Citrix, Mimecast, CyberGuard Technologies and ITS

5G offers the channel a chance to challenge networking status quo

A serious alternative to the existing approach to connectivity is coming in the form of 5G, which should result in channel ...

SearchSecurity

For cybersecurity training, positive reinforcement is best

Traditional cybersecurity training methods often focus on negative reinforcement techniques, but experts say positive ...

Top 3 challenges of a zero-trust security model

There are three main zero-trust security challenges, but because the model is highly beneficial, it's important for organizations...

Why SASE should be viewed as an evolution, not revolution

The hype around secure access service edge (SASE) is palpable. But by taking a step back, security leaders can align an emerging ...

SearchStorage

Dell Technologies World 2020 news and conference coverage

Dell Technologies World is going virtual this year. Use this guide to catch up on some recent moves by the vendor and the latest ...

NetApp cloud overshadows everything else at Insight 2020

NetApp stitches cloud services with its Data Fabric technology. NetApp Insight 2020 will showcase new cloud consumption options ...

Project Apex brings Dell into battle to control IT services

If you were looking for new products at Dell Tech World 2020, you went to the wrong place. It's all about Dell's Project Apex ...

SearchNetworking

The power and plights of female network engineers

Impostor syndrome burdens female network engineers, due to discrimination, as well as a lack of representation and education. But...

Bye-bye ISR, hello Catalyst 8000 for Cisco SD-WAN

The new Catalyst 8300 Series of routers replace ISRs that customers said were ill-equipped to run the Cisco SD-WAN. Cisco also ...

Juniper's 128 acquisition needed to improve SD-WAN

Juniper Networks plans to 'enhance' its Contrail SD-WAN through the acquisition of 128 Technology. 128 has a more advanced SD-WAN...

SearchCloudComputing

5 key ways to avoid overspending on enterprise cloud adoption

Companies that take a careful approach to enterprise cloud adoption aligned with business objectives can help optimize spending ...

3 SaaS cost management tips for new-to-cloud usage

When it comes to SaaS spending, IT must ensure that everyone from users to management is on the same page. Use these strategies ...

Microsoft's SpaceX partnership sends Azure to the final frontier

Microsoft has partnered with SpaceX to tie Azure to low-orbiting satellites. The company also introduced a modular data center to...

SearchDataManagement

Growing enterprise benefits of augmented data management

Gartner predicts plenty of growth in the booming augmented data management market, which helps data professionals focus on ...

MongoDB Atlas now enables multi-cloud database clusters

Multi-cloud data portability comes to MongoDB Atlas with a new capability that will enable users to run a database application ...

How AI data privacy can help your enterprise

Enterprises benefit in many ways from AI data privacy tools that reduce the need for manual efforts from data professionals. Read...

SearchBusinessAnalytics

8 types of bias in data analysis and how to avoid them

Analytics can exhibit biases that affect the bottom line or incite social outrage through discrimination. It's important to ...

Qlik acquisition of Blendr.io adds integration capabilities

Qlik acquired Blendr.io for an undisclosed amount in a move that will expand the BI vendor's ability to integrate with cloud data...

GoodData adds self-service modeling tools to analytics suite

New self-service data modeling tools are the latest additions to the GoodData platform as the vendor overhauls its platform in an...

Dig Deeper on Database software management

Use these commands to deploy SQL Server Docker containers

Microsoft SQL Server security best practices checklist

Solving SQL VSS writer problems during backup

SQL Server 2012 security: New default settings, greater flexibility

Related Q&A from Hilary Cotter

Start the conversation

0 comments

Register

Login

Forgot your password?

Your password has been sent to:

Please create a username to comment.