Establish a security model to protect SQL Server

Source: Internet
Author: User

For a variety of reasons, people who make security settings often do not understand the true value of the data, so they cannot properly protect the data. It is important for a database administrator to limit your data to the people you need to access and to ensure the legality of the people you visit. However, ensuring that data is accessible does not mean that the data is open to everyone, but instead you must carefully protect the data and open it only to those who need it.

Setting up security procedures

Common software maintenance and database updates will play an important role in system security, typically including the following steps:

Assign a reliable password to the default system management (SA) account. Then, create your own unique named account, and put this account into the sysadmin. Be sure to confirm that the new account also has a reliable password.

Assign a separate password to each user. Better yet, use Windows integrated Security and have Windows follow a stable password rule.

Decide which users need to view the data, and then assign the appropriate license. Please do not arbitrarily give users various permissions. For example, don't let everyone else's salary be accessed casually.

Decide which users need to update the data, and then assign the appropriate permissions. Account managers should be able to view the information of all users, but programmers must limit the permissions to update the information. In particular, only the manager who is responsible for a particular account is the only person who can change the user's data.

You can learn a lot of knowledge through these series of information, but you should have them from the beginning. Otherwise, any user of the database can steal or delete your important data.

What is the easiest thing to make a mistake?

For records, it should be known that SQL Server is not absolutely secure. You should put forward some ideas and try to protect your server effectively. There are two points you must complete before installing the server:

Set up the administrator's account number and password.

Protect the system against Slammer worm infections.

To make something special safe.

SQL Server2000 has the default security settings through the SA account. During the installation process, SQL Server automatically establishes a managed user and assigns a blank password to the SA user name. Some managers like to set the SA password blank or a generic password so everyone can know. If you make such a mistake, anyone who enters your database can do whatever it wants. Anyone with the permission of a manager can do whatever they want-not just the database, but the entire computer. Therefore, users must be limited to access to the database according to their needs, do not give them too little rights, not too much.

Put aside the SA account you manage every day for a while, and let's take a look at the account with the secure password. Create another account to manage (either a SQL Server account or a Windows account, depending on your authentication mode). What you want to avoid is that it's too easy to guess the name of the account or the password of the account, because anyone who gets these accounts is screwed.

A bad thing that's alarming-slammer worm (Slammer worm)

In the January 2003 there were some very lethal malicious code, namely Slammer worm. This code is specifically targeted at the installation of SQL Server. By taking advantage of the imperfections in the SQL ServerA code, the worm can replicate its own programs while the SQL Server is installed, damaging the entire machine and other machines. Worms can fill the network with 15 seconds when they are generated. Microsoft has already spent a lot of effort to stop the worm, but the worm cannot be completely eliminated. Some people are starting to complain about the beta version of SQL Server because it caused system corruption during installation.

Many months have passed, is it necessary to be so wary of worms? The answer is yes. Because every day there are a lot of slammer copy and infect the machine. If a SQL Server without any patches is connected to the network, you will become a victim of this behavior. Ethically, before you connect SQL Server to a network line, you must protect your server and run all the new service patches.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.