The SQL Server Defensive Dozen Part 2 – SQL Server Encryption, Key Management, And Data-At-Rest Encryption

Introduction: In order to properly secure and harden SQL Server, the use of encryption provides many benefits, including safeguarding data, separation of duties, and satisfying regulatory needs such as the Secure Technical Implementation Guide (STIG) or General Data Protection Regulation (GDPR). Within SQL Server there are several types of encryption: Channel encryption (encrypting login/data packets…


The SQL Server Defensive Dozen Part 1 – Hardening SQL Network Components

Introduction: In order to properly secure and harden SQL Server, one should review many items related to the server communications, network library settings, and ports/protocols configurations. As a reminder from our Introduction to this series, hardening can be thought of as the process of applying Administrative and Technical controls to a system. Every article in…


Steps for Hardening SQL Server 2016: The Defensive Dozen

In March of 2018, DISA published the Secure Technical Implementation Guide (STIG) for SQL Server 2016. Over the span of the previous year, Microsoft Services completed the Security Requirements Guide (SRG) vendor-response form offering guidance to DISA on how to secure and harden SQL Server 2016 to meet the NIST requirements. While DISA solely owns and…
