SQL Server Hardening
Server Hardening is one of the most important tasks to be done on your servers, once you understand just how vulnerable servers are “out of the box.” The default configuration of most operating systems are not designed with security as the primary focus. Instead, default setups focus more on usability, communications, and functionality. To protect your servers, you must establish solid and sophisticated server hardening policies for all servers in your system’s network.One best practice solution is SQL Server Hardening, and as with all servers, once connected to the Internet, they are vulnerable to cyber attacks. What sets the SQL server apart from other servers is the function it performs. SQL servers are a relational database management system. These databases and the information contained are what make SQL servers a target for hackers and the reason that all SQL servers should be hardened at install and continually monitored for updates and changes.
Hardening the SQL servers is a fundamental first step in a cyber security program. SQL servers are ICS critical assets, and any compromise to one of these servers can have a devastating impact on business. Most successful SQL server cyber attacks can be tracked back to a basic lack of best practices: badly configured user accounts, missing patches, and weak passwords resulting from lack of password policies.
The main threats to a SQL server are:
- Indirect attack—SQL injection
- Direct—exploit attack
- Cracking SA Password
- Google hacks
- Remote access policies
- Server authentication mode(s)
- Server account policies
- System privileges policies
- SA account policies
- Server services accounts
- Patch management
- Security logging
No comments:
Post a Comment