Database Security Countermeasures against hacker attacks

15 February, 2013 by Jack Vamvas

Question: What database security countermeasures can I apply to a SQL Server environment against potential hacker attacks? There is plenty of sensitive data in our systems such as personal details and financial information.

Answer: A well co-ordinated and regularly audited set of security checks is the best way forward. The tactics will depend on the amount of resources available and the level of security escalation required. Here are some ideas:

 

1)       Have you locked down all the systems on the network? Is there a well-defined segregation of duties policy set up, where all authorised individuals have access? Prioritise production systems, then work your way down.

Keep in mind, it’s not unusual to have production data on test or development systems.

2)       Invest in a database vulnerability assessment tool. Focus on: security patches, strong passwords, security enabled, and proper access controls.

3)       Monitoring of access attempts. Do you audit failed login attempts? Do you have a daily Login failed report?

4)       Do you have a SQL Server Security policy in place?

5)       For advanced countermeasures, do you have a database access monitoring system in place? A database access monitoring system will monitor the databases and move the data onto a separate server, therefore minimising the possibility of a hacker deleting the activity.
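
One way to produce the daily failed-login report asked about in item 3, as an added example that is not part of the original post. It assumes the server's login auditing setting records failed logins, that the caller is allowed to read the error log, and that the temp table and column names (chosen here) suit your environment.

```sql
-- Daily failed-login report from the current SQL Server error log (added example).
-- Only log file 0 is read: if the log was recycled in the last 24 hours,
-- repeat the INSERT with file number 1 to cover the earlier entries.
SET NOCOUNT ON;

DECLARE @from datetime = DATEADD(DAY, -1, GETDATE()),
        @to   datetime = GETDATE();

IF OBJECT_ID('tempdb..#failed') IS NOT NULL DROP TABLE #failed;
CREATE TABLE #failed (LogDate datetime, ProcessInfo nvarchar(100), LogText nvarchar(max));

-- Arguments: log file (0 = current), log type (1 = SQL Server error log),
-- search string, second search string (none), start time, end time, sort order.
INSERT INTO #failed (LogDate, ProcessInfo, LogText)
EXEC master.dbo.xp_readerrorlog 0, 1, N'Login failed', NULL, @from, @to, N'asc';

-- Usual message shape: Login failed for user 'name'. Reason: ... [CLIENT: address]
-- Some variants carry no quoted login name, so every CHARINDEX result is guarded.
SELECT
    p.LoginName,
    p.Client,
    COUNT(*)       AS Failures,
    MIN(f.LogDate) AS FirstSeen,
    MAX(f.LogDate) AS LastSeen
FROM #failed AS f
CROSS APPLY (SELECT CHARINDEX('user ''', f.LogText)    AS u,
                    CHARINDEX('[CLIENT: ', f.LogText) AS c) AS pos
CROSS APPLY (SELECT
    CASE WHEN pos.u > 0 AND CHARINDEX('''', f.LogText, pos.u + 6) > 0
         THEN SUBSTRING(f.LogText, pos.u + 6,
                        CHARINDEX('''', f.LogText, pos.u + 6) - (pos.u + 6))
         ELSE '(no login name in message)' END AS LoginName,
    CASE WHEN pos.c > 0 AND CHARINDEX(']', f.LogText, pos.c) > 0
         THEN SUBSTRING(f.LogText, pos.c + 9,
                        CHARINDEX(']', f.LogText, pos.c) - (pos.c + 9))
         ELSE '(unknown)' END AS Client) AS p
GROUP BY p.LoginName, p.Client
ORDER BY Failures DESC, LastSeen DESC;

DROP TABLE #failed;
```

Scheduling this as a daily job and sending the result to the DBA team gives one row per login and client address, so a burst of failures against a single account or from a single host stands out.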

 Read More

SQL Server – Maintaining different environments - SQL Server DBA


Author: Jack Vamvas (http://www.sqlserver-dba.com)
