October 1, 2008 at 6:17 am
The question is, why is it recommended to use separate accounts for different SQL server services?
I have google-ised the question, but failed to find an answer.
October 1, 2008 at 6:53 am
Here are a few things.
1) If someone happens to get the password for one of the services, it is nice if that does not mean they have the password for all of the services.
2) If a service account has been compromised and is misused, having it only associated with one service reduces the search area to find out what has allowed the breach and possibly who has made the breach.
3) Regular password maintenance will only impact a single service rather than every service.
October 1, 2008 at 6:55 am
Think of it like physically having a key.
If someone steals your house key, isn't it more secure if they have to steal a second key to get into your office, your car, and your safe? If you happen to lose your key, do you want to have to change every lock you own because the key fits everything?
October 1, 2008 at 7:55 am
Many thanks
Viewing 4 posts - 1 through 3 (of 3 total)
You must be logged in to reply to this topic. Login to reply