SQL Server Security best practices

  • Minimize the number of SQL Server logins.
  • Use Windows group logins to simplify ongoing management where possible.
  • Disable logins rather than dropping them if there is any chance that they will be needed again.
  • Ensure that expiry dates are applied to logins that are created for temporary purposes.
  • Use fixed server-level roles to delegate server-level management responsibility, and only create user-defined server-level roles if your specific administrative delegation solution requires them.
  • Disable the guest user in user databases unless you specifically require guest access.
  • Aim to grant the minimum number of explicit permissions possible to meet the security requirements, and use membership of roles and inheritance to ensure the correct effective permissions.
  • Ensure every user has only the permissions they actually require.
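
The checklist above can be checked against a live instance with the catalog views. The T-SQL below is an added example, not part of the original post: it audits logins, server role membership, guest access and direct permission grants, then applies two of the fixes. The login name temp_contractor is a hypothetical placeholder, and sections 3 and 4 report on whichever database the session is connected to.

```sql
-- Added example: names marked "hypothetical" are placeholders, not from the post.
-- 1. Login inventory: SQL logins vs. Windows users/groups, and which are disabled.
SELECT name, type_desc, is_disabled, create_date
FROM sys.server_principals
WHERE type IN ('S', 'U', 'G')        -- S = SQL login, U = Windows login, G = Windows group
  AND name NOT LIKE '##%'            -- skip internal certificate-mapped logins
ORDER BY type_desc, name;

-- 2. Who holds which server-level role (fixed or user-defined).
SELECT r.name AS server_role, r.is_fixed_role, m.name AS member_login
FROM sys.server_role_members AS rm
JOIN sys.server_principals AS r ON r.principal_id = rm.role_principal_id
JOIN sys.server_principals AS m ON m.principal_id = rm.member_principal_id
ORDER BY r.name, m.name;

-- 3. Guest access in the current database: guest can connect only if it holds CONNECT.
SELECT DB_NAME() AS database_name, dp.state_desc, dp.permission_name
FROM sys.database_permissions AS dp
JOIN sys.database_principals AS p ON p.principal_id = dp.grantee_principal_id
WHERE p.name = 'guest' AND dp.permission_name = 'CONNECT' AND dp.state IN ('G', 'W');

-- 4. Explicit permissions held directly by users rather than through roles.
SELECT p.name AS grantee, p.type_desc, dp.state_desc, dp.permission_name, dp.class_desc,
       CASE WHEN dp.class = 1 THEN OBJECT_NAME(dp.major_id) END AS object_name
FROM sys.database_permissions AS dp
JOIN sys.database_principals AS p ON p.principal_id = dp.grantee_principal_id
WHERE p.type IN ('S', 'U', 'G')      -- database users, not roles
  AND p.name NOT IN ('dbo', 'guest', 'INFORMATION_SCHEMA', 'sys')
  AND dp.permission_name <> 'CONNECT'
ORDER BY p.name, dp.permission_name;

-- Remediation for two of the findings above.
-- Disable (rather than drop) a login that may be needed again; hypothetical name.
IF SUSER_ID(N'temp_contractor') IS NOT NULL
    ALTER LOGIN [temp_contractor] DISABLE;

-- Remove guest access in a user database (database_id 1-4 are system databases).
IF DB_ID() > 4
    REVOKE CONNECT FROM guest;
```

Rows returned by query 3 mean guest is enabled in that database, and rows from query 4 are candidates for moving into role membership.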