DBAs - Do you secure your server by changing the 'defaults'?

Updated by ChristianMWaite 5 years ago.

  1. Disable defaults
    • Disable the Administrator account and rename it, then create a new "honeypot" Administrator account with no permissions.
    • Disable the Guest account on the SQL Server
    • Change the default port (1433)
    • Delete the sample databases (AdventureWorks, Northwind and Pubs). These have a Public role, which is a security risk, and allow massive SQL statements.
  2. Other security issues
    • Use a service account with a strong password
    • Do not run SQL Server service as an administrator
    • Run in integrated security mode
    • Run on an NTFS file system and encrypt the data files
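
Added example, not part of the original rule: a read-only T-SQL audit that reports on several of the items above (authentication mode, listener port, sample databases, service accounts, guest access). It assumes SQL Server 2012 or later and VIEW SERVER STATE permission; the temp table name, check labels and the REVIEW/MANUAL status values are made up for this example.

```sql
-- Added audit example: read-only checks, nothing on the server is changed.
SET NOCOUNT ON;
CREATE TABLE #findings (check_name varchar(40), detail nvarchar(600), status varchar(6));

-- Integrated security mode: 1 = Windows Authentication only, 0 = mixed mode.
INSERT #findings
SELECT 'Integrated security mode',
       CASE WHEN CAST(SERVERPROPERTY('IsIntegratedSecurityOnly') AS int) = 1
            THEN 'Windows Authentication only' ELSE 'Mixed mode (SQL logins allowed)' END,
       CASE WHEN CAST(SERVERPROPERTY('IsIntegratedSecurityOnly') AS int) = 1 THEN 'OK' ELSE 'REVIEW' END;

-- Listener port: flag any T-SQL endpoint still on the default 1433.
INSERT #findings
SELECT 'TCP listener port', CONCAT(ip_address, ':', port),
       CASE WHEN port = 1433 THEN 'REVIEW' ELSE 'OK' END
FROM sys.dm_tcp_listener_states WHERE type_desc = 'TSQL';

-- Sample databases named in the rule (AdventureWorks carries version suffixes).
INSERT #findings
SELECT 'Sample database present', name, 'REVIEW'
FROM sys.databases
WHERE name LIKE 'AdventureWorks%' OR name IN ('Northwind', 'pubs');

-- Service accounts: LocalSystem has administrator-level rights on the host.
-- Other accounts are marked MANUAL: confirm group membership in Windows.
INSERT #findings
SELECT 'Service account', CONCAT(servicename, ' runs as ', service_account),
       CASE WHEN service_account IN ('LocalSystem', 'NT AUTHORITY\SYSTEM') THEN 'REVIEW' ELSE 'MANUAL' END
FROM sys.dm_server_services;

-- Guest: guest cannot be disabled in master and tempdb; msdb is skipped here as an assumption.
DECLARE @db sysname, @sql nvarchar(max);
DECLARE dbs CURSOR LOCAL FAST_FORWARD FOR
    SELECT name FROM sys.databases
    WHERE state_desc = 'ONLINE' AND name NOT IN ('master', 'tempdb', 'msdb');
OPEN dbs; FETCH NEXT FROM dbs INTO @db;
WHILE @@FETCH_STATUS = 0
BEGIN
    SET @sql = N'SELECT ''Guest can connect'', @db, ''REVIEW'' FROM ' + QUOTENAME(@db)
             + N'.sys.database_permissions AS p JOIN ' + QUOTENAME(@db)
             + N'.sys.database_principals AS u ON u.principal_id = p.grantee_principal_id '
             + N'WHERE u.name = ''guest'' AND p.permission_name = ''CONNECT'' AND p.state IN (''G'', ''W'')';
    INSERT #findings EXEC sp_executesql @sql, N'@db sysname', @db = @db;
    FETCH NEXT FROM dbs INTO @db;
END
CLOSE dbs; DEALLOCATE dbs;

SELECT check_name, detail, status FROM #findings ORDER BY status DESC, check_name;
DROP TABLE #findings;
```

The Windows-level items (the renamed Administrator account, the honeypot account, NTFS and file encryption) are not visible from T-SQL and have to be checked on the host.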