Microsoft SQL Database Asset Protection Standards:: Difference between revisions
Jump to navigation
Jump to search
Line 68: | Line 68: | ||
===Surface and feature reduction=== | ===Surface and feature reduction=== | ||
* Reduce the surface area of your system that is exposed to attack by running only those services and features needed in your environment. | * Reduce the surface area of your system that is exposed to attack by running only those services and features needed in your environment. | ||
===Administrator reduction=== | |||
* Restrict membership of the sysadmin fixed server role to a few trusted individuals. |
Revision as of 12:54, 8 May 2007
SQL Administrator Checklist
Setting Up the Environment Prior to Installation
Physical security
- Ensure the physical security of your server.
Firewalls
- Put a firewall between your server and the Internet.
- Always block TCP port 1433 and UDP port 1434 on your perimeter firewall. If named instances are listening on additional ports, block those too.
- In a multi-tier environment, use multiple firewalls to create screened subnets.
Isolation of services
- Isolate services to reduce the risk that a compromised service could be used to compromise others.
- Never install SQL Server on a domain controller.
- Run separate SQL Server services under separate Windows accounts.
- In a multi-tier environment, run Web logic and business logic on separate computers.
Service accounts
- Create Windows accounts with the lowest possible privileges for running SQL Server services.
File System
- Use NTFS.
- Use RAID for critical data files.
Installation
- Always install the latest service packs and security patches.
Service accounts
- Run SQL Server services with the lowest possible privileges.
- Use Enterprise Manager to associate services with Windows accounts.
Authentication mode
- Require Windows Authentication for connections to SQL Server.
Strong passwords
- Always assign a strong password to the sa account, even when using Windows Authentication.
- Always use strong passwords for all SQL Server accounts.
Configuration Options and Settings After Installation
Delete or secure old setup files
- Delete or archive the following files after installation: sqlstp.log, sqlsp.log, and setup.iss in the <systemdrive>:\Program Files\Microsoft SQL Server\MSSQL\Install folder for a default installation, and the <systemdrive>:\Program Files\Microsoft SQL Server\ MSSQL$<Instance Name>\Install folder for named instances.
- If the current system is an upgrade from SQL Server 7.0, delete the following files: setup.iss in the %Windir% folder, and sqlsp.log in the Windows Temp folder.
Choose static ports for named instances
- Assign static ports to named instances of SQL Server.
Set login auditing level
- Set login auditing level to failure or all.
Enable security auditing
- Enable security auditing of Sysadmin actions, fixed role membership changes, all login related activity, and password changes.
- After selecting appropriate auditing options, you should script the audit, wrap it in a stored procedure,and mark that stored procedure for AutoStart.
Secure sa even in Windows Authentication Mode
- Assign a strong password to the sa account, even on servers that are configured to require Windows Authentication.
Remove sample databases
- Remove sample databases from production servers.
Secure Operation
Security model
- Learn to work with the SQL Server security model.
Backup policy
- Back up all data regularly and store copies in a secure off-site location.
- Test your disaster recovery system.
Surface and feature reduction
- Reduce the surface area of your system that is exposed to attack by running only those services and features needed in your environment.
Administrator reduction
- Restrict membership of the sysadmin fixed server role to a few trusted individuals.