Chapter 10: Designing a Strategy to Manage and Maintain Database Security

Microsoft Exam Objectives Covered in this Chapter:

• Maintain a server-level security strategy.

  • Design a strategy to audit Windows account permissions.

  • Design a strategy to audit SQL Server service access.

  • Maintain a strategy to assign the appropriate minimum level of privileges.

  • Maintain an encryption strategy that meets business requirements.

  • Design a strategy to apply service packs and security updates.

  • Configure the surface area.

• Maintain a user-level security strategy.

  • Verify the existence and enforcement of account policies.

  • Verify SQL Server login authentication.

  • Verify permissions on SQL Server roles and accounts.

For a DBA, it is useful to be able to set up a database server, configure it for an application, tune queries, and ensure an efficiently operating environment; however, without implementing strong security measures, this process can result in loss of data, financial penalties, or even the end of your company. Security is a critical part of any environment these days with our extremely connected world where computers on one side of the world can easily reach your servers in any other part of the world.

Today’s DBA needs to maintain vigilant security, even with firewalls and other network access controls, because of the wide variety of attacks that seem to circumvent this line of defense. SQL injection, cross-site scripting, and other future attacks require that you ensure your security model encompasses every part of your systems.

In this chapter, you will learn how you can maintain security on your servers. You will examine both server-level and user-level security strategies for ensuring that only authorized users can access your databases.