SQL Server Security Audit (Part 1) - Server Level Audit
August 12, 2009[From SQL Server Performance]
Although security is a major component of database administration, it is sometimes overlooked in favour of convenience. User accounts are given elevated permissions to save time, patches and hot-fixes are not applied timely and best practices are often not followed. Over time, the server becomes vulnerable to potential breaches of security.
The article continues at http://www.sql-server-performance.com/articles/audit/security_audit_server_level_p1.aspx