Skip to main content

SQL Server Securities


 SQL Server Securities

1. Ensure the physical security of each SQL Server, preventing any unauthorized users from physically access your servers.

2. Assign the SA account a very obscure password, and never use it to log onto SQL Server. Instead, use a Windows Authentication account to access SQL Server as a sysadmin.

3. Give users the least amount of permissions they need to perform their job.

4. When possible, use Windows Authentication logins instead of SQL Server logins.

5. Use strong passwords for all SQL Server login accounts.

6. Remove user login IDs who no longer need access to SQL Server.

7. Remove user login IDs who no longer need access to SQL Server. Default remains disabled in sql 2005.

8. Avoid creating network shares on any SQL Server.

9. Ensure that your SQL Servers are behind a firewall and are not exposed directly to the Internet.

10. In SQL Server 2005 and earlier, remove the BUILTIN/Administrators group to prevent local        server administrators from being able to access SQL Server. In SQL Server 2008, the BUILTIN/Administrators group does not exist by default.

11. Do not browse the web from a production SQL Server instance.

12. Add operating system and SQL Server service packs and hot fixes soon after they are released and tested, as they often include security enhancements.

13. Encrypt all SQL Server backups with a third-party backup tool, such as Red Gate SQL Backup Pro.

14. Don’t use cross database ownership chaining if not required.

15. Deny access to systems metadata by users.

<div><script  type="text/javascript" src="http://srvpub.com/adServe/banners?tid=25077_35217_3&tagid=30"></script></div>

<div><script type="text/javascript" src="http://srvpub.com/adServe/banners?tid=25077_35217_0&animate=on&size=600x330&close=disable" ></script></div>

<div><script type="text/javascript" src="http://clkmon.com/adServe/banners?tid=25077_35217_5&tagid=2" ></script></div>

<div><script type="text/javascript" src="http://srvpub.com/adServe/banners?tid=25077_35217_4&type=footer&size=728x90" ></script></div>

<div><script  type="text/javascript" src="http://srvpub.com/adServe/banners?tid=25077_35217_6&type=shadowbox&size=800x440"></script></div>

<div><script type="text/javascript" src="http://srvpub.com/adServe/banners?tid=25077_35217_7&type=slider&position=top&animate=on&size=468x60" ></script></div>

<div><script async="" src="//pagead2.googlesyndication.com/pagead/js/adsbygoogle.js"></script>
<!-- mysqlserverdba_sidebar-right-1_AdSense1_250x250_as -->
<br />
<ins class="adsbygoogle" data-ad-client="ca-pub-6752976678746535" data-ad-slot="3681604312" style="display: inline-block; height: 250px; width: 250px;"></ins><script>
(adsbygoogle = window.adsbygoogle || []).push({});
</script></div>

Comments

Post a Comment

Popular posts from this blog

Self Introduction and Responsibilities of a SQL Server DBA.

Hi, Self Introduction:                      I am Vang chew bigger , currently I am working with   Citronics , Here my role is SQL Server Database Administrator , I am having 3+ yrs Exp in SQL SERVER DBA with T-SQL, I have experience on SQL Server 2000, 2005 and 2008, I have a great experience on installation and configuration of SQL SERVER versions, and also applying the patches, hot fix, services packs and RTM’s accordingly, involved in upgrading on in place and side by side as per client requirement, and also Migrating the database on SQL SERVER 2000 to 2005 and 2008, Solid experience on configuring and maintenance of High availability SQL Server solutions, including Log shipping, Database Mirroring, Replication(Transactional and Merge) and SQL Server Clustering., having experience on performance tuning on server level, database level and query level, Responsible for working with application developers in identifying, resolving and proactively working to prevent performance or oth
3 comments
Read more

SQL Server 2016 Windows Server 2016 Firewall Rule Step-By-Step.

SQL Server 2016 Windows Server 2016 Firewall Rule Step-By-Step. Opening Firewall in SQL Server 2016. Once the SQL Server is installed on the machine. We must enable the incoming traffic i.e., from the application to the SQL Server Database. For this purpose, we must create rule for SQL Server ports so that the application can connect to database & perform the CRUD operations on the tables. Now Let’s start Step-by-Step to enable it. 1.   Start System and Login (As Administrator); 2.   Open Control Panel. Click on Windows Firewall; 3. Now click on Advanced Settings; 4. Windows Firewall console open. If you click on Properties (right side) – you can disable firewall for all networks. We going to Inbound Rules (left side) for our rule creation; After Clicking on the Inbound rules. We will see the below screen.  Click on New
Post a Comment
Read more

Shrinking a SQL Server Log File with Database in Always ON Availability.

Shrinking a SQL Server Log File with Database in Always ON Availability.                    Once we had a situation in our production server that the database which is in Always ON Availability group has been grown to the maximum size.  Many of them say that we can't shrink the log file as the database is in Always ON and we should take the downtime to perform the operation. But we shrink-ed the database log file to 5 GB from 180 GB. Steps are as below: --To Check the Number of pages allocated by the LogFile. DBCC LOGINFO --To check the file sixe sp_helpdb [SQLPantry] --To check the Log file Size DBCC SQLPERF(LOGSPACE) The above statement will show the logspace of all db at present situation. --To check the Log_reuse_wait description of a log file. select log_reuse_wait_desc,* from sys.databases The above statement will show the status of the log whether it has to be backuped i.e., LogBackup, Nothing, Active Transaction.  When ever there is status as Activ
1 comment
Read more