SQLServerCentral Article

Securing SQL Server

The January issue of the SQL Server Standard magazine is being printed as you read this, but it is now available as a PDF download for those subscribers in their Virtual Briefcase. This month we look at SQL Server security and the various ways that you can help ensure that you are running a safe SQL Server. The editorial below is available for those that want to see what's inside. The magazine should be available shortly on the PASS site as well as the MCP Special Offers page.

If you aren't a subscriber, PASS member, or MCP, you can purchase the PDF of this single issue for $3.99 in our store.

We hope you enjoy it and please feel free to send us some feedback on what you think (webmaster@sqlservercentral.com).

In This Issue

  • Editorial : Secure By Default
  • Encryption in SQL Server 2005
  • SQL Server Security for the Paranoid DBA
  • Security Changes from 2000 to 2005
  • Integrating Row Level Security with Windows Groups
  • SQL Server 2005 DDL Triggers
  • SQL Server 2005 Profiler
  • Unbreakable?

Editorial : Secure By Default

The theme of security seems to be really integrated in SQL Server 2005, more than in any other Microsoft product to date. The Trustworthy Computing initiative seems to have made leaps forward with this product, from the “turned off” idea, where many things are disabled or not even installed by default, to the Surface Area Configuration Tool, which allows you to examine your installation and reduce the attack surface, or the number of places to attack.

This month we focus on security, primarily on SQL Server 2005, since the product was released just as we shipped the November issue. With the security of applications and software being called into question almost daily these days, it’s important to be sure that you are running a secure database server. The mainstream press is more and more often picking up breaches of security and reporting on them, so maintaining the security of your data to the best of your ability is becoming increasingly important to DBAs.

There are many ways to do this, but encryption and certificates are great places to start. We’ve got articles on each of these topics this month and I’m sure that you’ll be excited to see just how much work was done in this area for SQL Server 2005.

Our resident security guru, Brian Kelley, also brings us two different security topics this month. One is an overview of the changes in SQL Server 2005 and is a must-read for DBAs who have worked only with prior versions. The other examines a topic that I constantly see DBAs dealing with: row level security. Brian looks at how you can leverage your Windows groups to implement this often-requested feature.

In my decade plus of working with SQL Server, capturing changes to objects has always been a request, and the usual answer is to set up a trace in Profiler that just runs constantly. We do take a look at Profiler in this issue, but many of you will be interested to know that there are now DDL triggers that fire on object changes, allowing you to set up an auditing scheme to track those changes.

We also have a couple of extended editorial-type pieces this month. The first looks at what security means for the paranoid DBA: the DBA highly concerned with actual break-ins. The other is one I wrote after seeing an open letter about the Oracle patch problems. It struck a chord with me after their “Unbreakable” advertising campaign.

Security is a tough business and this issue only scratches the surface. If we had an extra 500 pages, we might provide you a great reference for SQL Server 2005, but in this limited format, we are just giving you a broad look at some things you might want to dig deeper into with this version of SQL Server.

Steve Jones
