SQL Server Security Top 10

Here are the real basics: how to stop up all the little holes. At the very least you should:

  1. NEVER leave the sa password blank!
  2. Use Integrated Security – to enforce password policies such as minimum length and reuse.
  3. Abstract the users a level – by only allowing stored procedures to access tables.
  4. Use views – to further abstract the users if possible.
  5. Use only Integrated Security and Named Pipes wherever possible.
  6. Avoid TCP/IP – if at all possible.
  7. Disable stored procedures – such as xp_cmdshell.
  8. Learn the difference – between logins and users, and remove as many rights from guest as possible.
  9. Enforce – a security policy and audit levels.
  10. Change the default database – from master to something else.

Copyright © 1998-99 G.H. van den Berg. All rights reserved.
These pages may not be resold or redistributed without prior written permission from Guy van den Berg.
