The SQL Server Defensive Dozen – Part 3: Authentication and Authorization in SQL Server

Introduction In order to secure and harden SQL Server it is important to control who and/or what can authenticate to the system and what they have access to. This will satisfy regulatory needs such as the Secure Technical Implementation Guide (STIG). As a reminder from our Introduction to this series, hardening is the process of applying Administrative…

The SQL Server Defensive Dozen Part 2 – SQL Server Encryption, Key Management, And Data-At-Rest Encryption

Introduction In order to properly secure and harden SQL Server, the use of encryption provides many benefits including safeguarding data, separation of duties, and satisfying regulatory needs such as the Secure Technical Implementation Guide (STIG) or General Data Protection Regulation (GDPR). Within SQL Server there are several types of encryption: Channel encryption (encrypting login/data packets…

The SQL Server Defensive Dozen Part 1 – Hardening SQL Network Components

Introduction In order to properly secure and harden SQL Server, one should review many items related to the server communications, network library settings, and ports/protocols configurations. As a reminder from our Introduction to this series, hardening can be thought of as the process of applying Administrative and Technical controls to a system. Every article in…

Steps for Hardening SQL Server 2016: The Defensive Dozen

In March of 2018 DISA published the Secure Technical Implementation Guide (STIG) for SQL Server 2016. Over the span of the previous year, Microsoft Services completed the Security Requirements Guide (SRG) vendor-response form offering guidance to DISA on how to secure and harden SQL Server 2016 to meet the NIST requirements. While DISA solely owns and…
