It has been a long journey. Two years of research, development, testing, QA, and the list goes on!
I have been working with SQL Server for more than 11 years and I have seen hundreds of SQL Server installations and setups. I have seen best practices and bad practices. I have seen deep knowledge in administering SQL Server, but I have also seen naivety in administering such a powerful RDBMS and, believe me, naivety in database administration is not a good thing.
SQL Server is a very powerful data platform, and part of this power is that it allows the user to control different settings, thus making it work best for his/her needs. However, as in all systems, if these settings are misconfigured, or the proper precautions are not taken on the user’s side, this could create security risks.
Take, for example, the ‘Password Expiration’ option. If you have a SQL login that is used as a service account, this could be a reason not to enable ‘Password Expiration’ for that login. If, however, you have a SQL login that is used by a physical person and the ‘Password Expiration’ option is not enabled, the risk of the password being guessed is higher than in the case where the password expires every X days (for example, every 90 days).
Another example is using the same password as the username for SQL logins. This is a critical security risk and you should never do this.
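The two risks above can be checked by hand with a T-SQL audit query. This is an added example, not code from DBA Security Advisor; it relies only on the built-in `sys.sql_logins` catalog view and the `PWDCOMPARE` and `LOGINPROPERTY` functions, and the login name `app_user` in the remediation comments is hypothetical.

```sql
-- Added example (not part of DBA Security Advisor).
-- Lists SQL-authenticated logins that either have password expiration
-- disabled or use their own login name as the password.
-- Run as a principal allowed to read password hashes (e.g. a sysadmin),
-- otherwise password_hash is returned as NULL and the comparison fails.
SELECT
    sl.name                                            AS login_name,
    sl.is_disabled,
    sl.is_policy_checked,                              -- CHECK_POLICY setting
    sl.is_expiration_checked,                          -- CHECK_EXPIRATION setting
    LOGINPROPERTY(sl.name, 'DaysUntilExpiration')      AS days_until_expiration,
    CASE WHEN PWDCOMPARE(sl.name, sl.password_hash) = 1
         THEN 1 ELSE 0 END                             AS password_equals_name
FROM sys.sql_logins AS sl
WHERE sl.name NOT LIKE N'##%'                          -- skip internal ##MS_...## logins
  AND (   sl.is_expiration_checked = 0
       OR PWDCOMPARE(sl.name, sl.password_hash) = 1)
ORDER BY password_equals_name DESC, sl.name;

-- Review each row before changing anything: the query cannot tell a
-- service account (where disabled expiration may be intentional) from a
-- login used by a person. For a person's login, remediation looks like:
--
--   ALTER LOGIN [app_user] WITH CHECK_POLICY = ON, CHECK_EXPIRATION = ON;
--
-- For a login whose password equals its name, set a new password and
-- force a change at next login (requires both CHECK options to be ON):
--
--   ALTER LOGIN [app_user] WITH PASSWORD = N'<new strong password>' MUST_CHANGE;
```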
DBA Security Advisor, via a rich set of security checks, assesses your SQL Server instances against potential security risks and recommends solutions along with remediation scripts and methods.
Download the Community Edition today! Feel free to try DBA Security Advisor! After you are convinced that it can really help you, then you can consider upgrading to the Enterprise Edition where you can have access to all the security checks as well as to all the great features of DBA Security Advisor.