May 5, 2020

SQL Server Security Check List


Data is a crucial asset of any organization or entity. No one wants it to be lost, stolen or destroyed, and most of the time the organization cannot afford that.

Below are the points to consider for database security:

1. Physical Security
2. OS Level Security
3. SQL Instance Level Security
4. Login Security




1. Physical Security 



 A. Limit the employees who have access to the physical hardware.

 B. Store DB backups in a safe and secure location.

 C. Configure alerts/alarms for hardware warnings.

 D. Install physical hardware in a safe location.





2. OS Level Security 



 A. Install all critical fixes and service packs (SP) for Windows and Linux.

 B. Configure the firewall and set up appropriate rules.

 C. Limit the number of employees who have admin access at the OS level on the DB server.

 D. Restrict other users' access to the DB data disks.

 E. Enable disk encryption.





3. SQL Instance Level Security 

 A. Install only required components on the server.

 B. Install all critical security fixes, cumulative updates (CU) and service packs (SP) on the SQL instance.

 C. Change default port 1433 to some other number.

 D. Disable unused network protocols.

 E. Hide the SQL instance so that it is not visible on the network.

 F. Restrict access to database backup files.

 G. Disable the xp_cmdshell extended stored procedure.

 H. Disable unnecessary features and services.

 I. Enable DB encryption such as Transparent Data Encryption or column-level encryption.





4. Login Security

 A. Rename and disable the sa login.

 B. Remove BUILTIN\Administrators.

 C. Use Windows Authentication mode to access the database.

 D. Use a service account with minimal access rights to run the SQL services.
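
A read-only T-SQL audit of checklist items 3.C, 3.G, 3.I, 4.A, 4.B and 4.C, added here as an example and not part of the original post. It assumes a login with VIEW SERVER STATE and VIEW ANY DEFINITION; the item labels and the PASS/REVIEW wording are chosen for this example.

```sql
-- Added example: read-only audit of checklist items 3.C, 3.G, 3.I, 4.A, 4.B and 4.C.
-- Assumes a login with VIEW SERVER STATE and VIEW ANY DEFINITION.
SELECT chk.item, chk.finding,
       CASE chk.ok WHEN 1 THEN 'PASS' WHEN 0 THEN 'REVIEW' ELSE 'N/A' END AS result
FROM (
    -- 3.C: port of this connection (NULL when connected over shared memory or named pipes)
    SELECT '3.C TCP port' AS item,
           ISNULL(CAST(c.local_tcp_port AS nvarchar(256)), N'not a TCP connection') AS finding,
           CASE WHEN c.local_tcp_port IS NULL THEN NULL
                WHEN c.local_tcp_port = 1433 THEN 0 ELSE 1 END AS ok
    FROM sys.dm_exec_connections AS c
    WHERE c.session_id = @@SPID AND c.parent_connection_id IS NULL
    UNION ALL
    -- 3.G: xp_cmdshell must be off in the running configuration
    SELECT '3.G xp_cmdshell',
           CASE CONVERT(int, cfg.value_in_use) WHEN 0 THEN N'disabled' ELSE N'enabled' END,
           CASE CONVERT(int, cfg.value_in_use) WHEN 0 THEN 1 ELSE 0 END
    FROM sys.configurations AS cfg
    WHERE cfg.name = N'xp_cmdshell'
    UNION ALL
    -- 3.I: one row per user database; REVIEW means no TDE, so confirm column-level encryption
    SELECT '3.I TDE', d.name COLLATE DATABASE_DEFAULT, CONVERT(int, d.is_encrypted)
    FROM sys.databases AS d
    WHERE d.database_id > 4
    UNION ALL
    -- 4.A: the built-in sa login always has SID 0x01, even after a rename
    SELECT '4.A sa login',
           p.name COLLATE DATABASE_DEFAULT + CASE p.is_disabled WHEN 1 THEN N' (disabled)' ELSE N' (enabled)' END,
           CASE WHEN p.is_disabled = 1 AND p.name <> N'sa' THEN 1 ELSE 0 END
    FROM sys.server_principals AS p
    WHERE p.sid = 0x01
    UNION ALL
    -- 4.B: BUILTIN\Administrators should not exist as a login
    SELECT '4.B BUILTIN\Administrators',
           CASE WHEN EXISTS (SELECT 1 FROM sys.server_principals
                             WHERE name = N'BUILTIN\Administrators')
                THEN N'present' ELSE N'absent' END,
           CASE WHEN EXISTS (SELECT 1 FROM sys.server_principals
                             WHERE name = N'BUILTIN\Administrators')
                THEN 0 ELSE 1 END
    UNION ALL
    -- 4.C: 1 = Windows Authentication only, 0 = mixed mode
    SELECT '4.C authentication mode',
           CASE CONVERT(int, SERVERPROPERTY('IsIntegratedSecurityOnly'))
                WHEN 1 THEN N'Windows only' ELSE N'mixed mode' END,
           CONVERT(int, SERVERPROPERTY('IsIntegratedSecurityOnly'))
) AS chk
ORDER BY chk.item;
```

Run it over a TCP connection so that item 3.C reports the listener port instead of N/A.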

