Security Resources for SQL Server
Introduction
As I work with a particular topic or problem, I often research on the Internet
different opinions, white papers, etc. Here is a list of resources that are located both
on SQL Server Central and other sites that I have found useful.
Online Resources
| Recommended |
Microsoft SQL Server 2000 Security |
A white paper on SQL Server security in a Windows 2000 domain model. Not sure how many of you are
actually running in this environment, but it is a well written book. |
| Highly Recommended | Microsoft Security Bulletin Search | The main search page for security bulletins. You can also register to receive these in email automatically. |
| Highly Recommended. | Database Security Best Practices | A variety of topics on Administration, Architecture, and Troubleshooting. |
| Recommended. | Security Best Practices | Slightly off topic, but a good list of best practices for your network. Peruse these at your leisure. |
| Recommended. | SQLSecurity.com | A nice site by Chip Andrews on SQL Server Security |
| N/A | Managing Security - Chapter 7 of the SQL Server Administrator's Companion | This is the chapter on security. |
| N/A |
C2 Evaluation for SQL Server 2000 |
This is the report from the NSA which documents the C2 features of SQL Server. |
Bugs and Issues
| Cluster issue when non-admin account used. | |
| Remove NT admins from sa mapping. |
Perspectives from those in the Industry
| SQL Server Encryption Best and Worst Practices | A look at encryption from a database tool vendor. | |
| Worst Practice - Encrypting Data | Steve Jones examines the point of view that encrypting data is a bad idea. | |
| Overview of SQL Server Security Model and Best Practices | A look at best practices from a SQL Server MVP. | |
| SQL Server Security - Part 1 | Chris Kempster examines basic security for a SQL Server. This presents an overview of places where you can secure your server. | |
| SQL Server Security - Part 2 | Chris Kempster examines basic security for a SQL Server. This continues the series with looking at passwords, encryption, roles, abd auditing. | |
| SQL Server Security - Part 3 | This article looks at row level security, triggers, and other database security items. |
Books
Conclusions
As always, I welcome feedback for this article (use the 'Your Opinion' tab below) and please take
the time to rate this article.
Steve Jones
©dkRanch.net March 2002
