Database Journal
MS SQL Oracle DB2 Access MySQL PostgreSQL Sybase PHP SQL Etc SQL Scripts & Samples Links Database Forum

» Database Journal Home
» Database Articles
» Database Tutorials
MS Access
Database Tools
SQL Scripts & Samples
» Database Forum
» Slideshows
» Sitemap
Free Newsletters:
News Via RSS Feed

follow us on Twitter
Database Journal |DBA Support |SQLCourse |SQLCourse2

Featured Database Articles


Posted May 6, 1999

SQL Server Security Top 10

By Guy van den Berg

Heres the real basics, how to stop up all the little holes, at the very least you should:

  1. NEVER leave the sa passwd blank!
  2. Using Integrated security - to enforce passwd policies such as min length and reuse.
  3. Abstract the users - a level by only allowing stored procedures to access tables.
  4. Use views - to further abstract the users if possible.
  5. Use only Integrated Security and Named Pipes where ever possible.
  6. Avoid TCP/IP - if at all possible.
  7. Disable stored procedures - such as xp_cmdshell.
  8. Learn the difference - between logins and users and remove as many rights from guest as possible.
  9. Enforce - a security policy and audit levels.
  10. Change the default database - from master to something else.

Copyright ) 1998-99 G.h.van den Berg. All rights reserved.
These pages may not be resold or redistributed without prior written permission from Guy van den Berg

MS SQL Archives

Comment and Contribute


(Maximum characters: 1200). You have characters left.



Latest Forum Threads
MS SQL Forum
Topic By Replies Updated
SQL 2005: SSIS: Error using SQL Server credentials poverty 3 August 17th, 07:43 AM
Need help changing table contents nkawtg 1 August 17th, 03:02 AM
SQL Server Memory confifuration bhosalenarayan 2 August 14th, 05:33 AM
SQL Server Primary Key and a Unique Key katty.jonh 2 July 25th, 10:36 AM