Read more
SQL server is the most widely-used database platform in the world, and a large percentage of these databases are not properly secured, exposing sensitive customer and business data to attack.
In Securing SQL Server, Third Edition, you will learn about the potential attack vectors that can be used to break into SQL server databases as well as how to protect databases from these attacks. In this book, Denny Cherry - a Microsoft SQL MVP and one of the biggest names in SQL server - will teach you how to properly secure an SQL server database from internal and external threats using best practices as well as specific tricks that the author employs in his role as a consultant for some of the largest SQL server deployments in the world.
Fully updated to cover the latest technology in SQL Server 2014, this new edition walks you through how to secure new features of the 2014 release. New topics in the book include vLANs, setting up RRAS, anti-virus installs, key management, moving from plaintext to encrypted values in an existing application, securing Analysis Services Objects, Managed Service Accounts, OS rights needed by the DBA, SQL Agent Security, Table Permissions, Views, Stored Procedures, Functions, Service Broker Objects, and much more.
- Presents hands-on techniques for protecting your SQL Server database from intrusion and attack
- Provides the most in-depth coverage of all aspects of SQL Server database security, including a wealth of new material on Microsoft SQL Server 2014.
- Explains how to set up your database securely, how to determine when someone tries to break in, what the intruder has accessed or damaged, and how to respond and mitigate damage if an intrusion occurs.
List of contents
- Identifying Security Requirements
- Securing the Network
- Key Management
- Database Encryption
- SQL Account Security
- Core Engine Instance Specifics
- Analysis Services
- Reporting Services
- SQL Injection Attacks
- Database Backup Security
- Storage Area Network Security
- Auditing for Security
- Server Rights
- SQL Agent Security
- Object Permissions
Appendices
About the author
Denny Cherry (MCSA, MCDBA, MCTS, MCITP, MCM) has been working with Microsoft technology for over 15 years starting with Windows 3.51 and SQL Server 6.5. In 2009, Denny was named as a Microsoft MVP for the Microsoft SQL Server product, and in 2011 Denny earned the Microsoft Certified Master certification for SQL Server 2008. Denny has written dozens of articles for a variety of websites as well as print magazines on a variety of subjects including SQL Server, Clustering, Storage Configuration, and SharePoint.
Report
"This book is recommended to both students and database administrators and staff. After reading it, users will better understand the security risks of database systems and the roles of security policies and security methods...a benchmark in terms of practice for securing databases." --Computing Reviews
"Denny Cherry is what would happen if Bill Gates and AC/DC got together to create a sibling. He's a bare-knuckles, no-holds-barred technologist, and you can bet that if he tells you that something works or doesn't work, he's speaking from experience. Active in the community, his passion is sharing. You'll enjoy this book." --Bucky Wood, Senior Technology Specialist, Microsoft
