Microsoft SQL Server 2000 High Availability

The most basic, and arguably the most important, thing you can do from an administrative standpoint is to secure your Microsoft SQL Server 2000 instances. Beyond the obvious steps of putting your servers in racks, locking cases, and physically securing data centers (all of which were discussed in Chapter 2, "The Basics of Achieving High Availability"), how can you specifically secure things at the operating system and SQL Server layers? You need to address multiple threats. A few years ago it might have been good enough to throw up a firewall and make sure that your SQL Server was isolated. Unfortunately, the game has changed. Worms, viruses, and denial of service attacks (some of which are directed at your database, others of which are not) can compromise your data's security.

When a Web site pops up on the evening news in a story about how it was hacked, it is a glaring example of how something can be compromised. But how do you measure what was compromised, especially sensitive data? Because many systems now access both internal and external systems, the potential for someone gaining unauthorized access increases dramatically unless you have dedicated security professionals making sure that you are protected. There have recently been cases where hackers have broken into an e-commerce site or into a bank and compromised large numbers of credit cards. Or think about the recent rash of identity theft. Do not assume it cannot happen to you or your systems. As important as your platform's availability is, it is your data's availability and security that you are really protecting. However, the reality is that security and availability do not always play nicely together in the sandbox, and you might have to make tradeoffs one way or the other.

Securing Your SQL Server Installations

You can do several things to ensure that your physical SQL Server installations are secure.

Securing Your SQL Server-Based Applications

As a database administrator (DBA), or as someone who will be performing database-related tasks, whether you like it or not, you are responsible for every application's database in your environment. Although you might control the back end, developers control the front end. It is in your best interests to validate custom database-specific code and ensure that packaged applications will work with your security model. Here are some tips to consider:
