|
Microsoft SQL Server is becoming a more mature, more feature-rich, and more
secure database management system with each new version. SQL Server 2012 is an enterprise-class relational database server. Sometimes, it might not look like it to the staff whose responsibilities are to deploy it, to create databases and write T-SQL code, and to administer it. Since, SQL Server is a Microsoft product, designed to be as easy to install and user friendly as possible, some of its users might not measure the importance of doing things right. The data stored in databases is the company's most precious thing. If a company loses its data, its business is gone and likewise if the data is stolen. We have heard many stories of customers or users whose databases were stolen from the Web. It has even happened to the biggest companies such as Sony (we will talk about Sony's case in this book).
Ok, it's obvious that securing your data is important. But how do you do it? SQL Server runs on Windows, so securing Windows is also involved; it is a client-server application, so securing the network is important; SQL Server needs to allow access to Windows accounts inside a domain, or to SQL Server defined accounts for Web and heterogeneous network access; it needs to read and write backup files that are secured and sometimes the data stored in SQL Server must be protected by encryption. This is a complex environment and securing it requires a set of skills and knowledge that we try to cover in this book in the most practical fashion. This is a cookbook, so all the subjects are presented as recipes, but security also requires knowledge about technologies and practices. You need to know what you are doing, therefore the recipes also contain more detailed explanations. It is also difficult to isolate recipes, so they might be related to each other. For example, in the chapter dedicated to authentication, the flow of recipes details how to create logins, and then how to create database users and map them to logins. So this cookbook can be helpful in two ways—you can pick the recipes you need for the task at hand, but you can also gain benefit by reading it cover to cover, helping you to master all that you need to know to effectively secure SQL Server. |