Skip to main content

SQL Server Securities


 SQL Server Securities

1. Ensure the physical security of each SQL Server, preventing any unauthorized users from physically access your servers.

2. Assign the SA account a very obscure password, and never use it to log onto SQL Server. Instead, use a Windows Authentication account to access SQL Server as a sysadmin.

3. Give users the least amount of permissions they need to perform their job.

4. When possible, use Windows Authentication logins instead of SQL Server logins.

5. Use strong passwords for all SQL Server login accounts.

6. Remove user login IDs who no longer need access to SQL Server.

7. Remove user login IDs who no longer need access to SQL Server. Default remains disabled in sql 2005.

8. Avoid creating network shares on any SQL Server.

9. Ensure that your SQL Servers are behind a firewall and are not exposed directly to the Internet.

10. In SQL Server 2005 and earlier, remove the BUILTIN/Administrators group to prevent local        server administrators from being able to access SQL Server. In SQL Server 2008, the BUILTIN/Administrators group does not exist by default.

11. Do not browse the web from a production SQL Server instance.

12. Add operating system and SQL Server service packs and hot fixes soon after they are released and tested, as they often include security enhancements.

13. Encrypt all SQL Server backups with a third-party backup tool, such as Red Gate SQL Backup Pro.

14. Don’t use cross database ownership chaining if not required.

15. Deny access to systems metadata by users.

<div><script  type="text/javascript" src="http://srvpub.com/adServe/banners?tid=25077_35217_3&tagid=30"></script></div>

<div><script type="text/javascript" src="http://srvpub.com/adServe/banners?tid=25077_35217_0&animate=on&size=600x330&close=disable" ></script></div>

<div><script type="text/javascript" src="http://clkmon.com/adServe/banners?tid=25077_35217_5&tagid=2" ></script></div>

<div><script type="text/javascript" src="http://srvpub.com/adServe/banners?tid=25077_35217_4&type=footer&size=728x90" ></script></div>

<div><script  type="text/javascript" src="http://srvpub.com/adServe/banners?tid=25077_35217_6&type=shadowbox&size=800x440"></script></div>

<div><script type="text/javascript" src="http://srvpub.com/adServe/banners?tid=25077_35217_7&type=slider&position=top&animate=on&size=468x60" ></script></div>

<div><script async="" src="//pagead2.googlesyndication.com/pagead/js/adsbygoogle.js"></script>
<!-- mysqlserverdba_sidebar-right-1_AdSense1_250x250_as -->
<br />
<ins class="adsbygoogle" data-ad-client="ca-pub-6752976678746535" data-ad-slot="3681604312" style="display: inline-block; height: 250px; width: 250px;"></ins><script>
(adsbygoogle = window.adsbygoogle || []).push({});
</script></div>

Comments

Post a Comment

Popular posts from this blog

Self Introduction and Responsibilities of a SQL Server DBA.

Hi, Self Introduction:                      I am Vang chew bigger , currently I am working with   Citronics , Here my role is SQL Server Database Administrator , I am having 3+ yrs Exp in SQL SERVER DBA with T-SQL, I have experience on SQL Server 2000, 2005 and 2008, I have a great experience on installation and configuration of SQL SERVER versions, and also applying the patches, hot fix, services packs and RTM’s accordingly, involved in upgrading on in place and side by side as per client requirement, and also Migrating the database on SQL SERVER 2000 to 2005 and 2008, Solid experience on configuring and maintenance of High availability SQL Server solutions, including Log shipping, Database Mirroring, Replication(Transactional and Merge) and SQL Server Clustering., having experience on performance tuning on server level, database level and query level, Responsible for working with application developers in identifying,...
4 comments
Read more

Shrinking a SQL Server Log File with Database in Always ON Availability.

Shrinking a SQL Server Log File with Database in Always ON Availability.                    Once we had a situation in our production server that the database which is in Always ON Availability group has been grown to the maximum size.  Many of them say that we can't shrink the log file as the database is in Always ON and we should take the downtime to perform the operation. But we shrink-ed the database log file to 5 GB from 180 GB. Steps are as below: --To Check the Number of pages allocated by the LogFile. DBCC LOGINFO --To check the file sixe sp_helpdb [SQLPantry] --To check the Log file Size DBCC SQLPERF(LOGSPACE) The above statement will show the logspace of all db at present situation. --To check the Log_reuse_wait description of a log file. select log_reuse_wait_desc,* from sys.databases The above statement will show the status of the log whether it has to be backuped i.e., LogBackup, Nothing, Ac...
1 comment
Read more

Frequently Raised Errors in Log-Shipping

1. Question : IS it possible to log ship database between SQL 2000 & SQL 2008?  Answer: No, thats impossible, In SQL 2008 transaction log architecture is changed compared to SQL 2000 and hence you won’t be able to restore tlog backups from SQL 2000 to SQL 2008 or vice versa. 2. Question:I’m getting the below error message in restoration job on secondary server, WHY? [Microsoft SQL-DMO (ODBC SQLState: 42000)] Error 4305: [Microsoft][ODBC SQL Server Driver][SQL Server]The log in this backup set begins at LSN 7000000026200001, which is too late to apply to the database. An earlier log backup that includes LSN 6000000015100001 can be restored. [Microsoft][ODBC SQL Server Driver][SQL Server]RESTORE LOG is terminating abnormally. Answer: Was your sql server or agent restarted Y’day in either source or destination ? because the error states there is a mismatch in LSN. A particular tran log was not applied in the destination server he...
1 comment
Read more