Security Tip of the Month: User Account Control and SQL Server http://go.microsoft.com/?linkid=7243604

By Devendra Tiwari, Microsoft SQL Server Product Team
User Account Control (UAC), a new feature in Windows Vista that helps administrators manage their use of elevated privileges, affects Microsoft SQL Server in terms of connectivity (SQL Server login) and in limiting access to resources on the administrators' access control list (ACL). This article discusses the impact of UAC on SQL Server and presents tips on how to run SQL Server applications securely in Windows Vista and Windows Server 2008.

SQL Server 2005 Security Overview for Database Administrators http://go.microsoft.com/?linkid=7243606

This paper covers some of the most important new security features in SQL Server 2005. It tells you how, as an administrator, you can install SQL Server securely and keep it that way even as applications and users make use of the data stored within.

Security Considerations for SQL Server http://go.microsoft.com/?linkid=7243607

SQL Server 2005 includes a variety of highly precise, configurable security features that can empower administrators to implement defense-in-depth that is optimized for the specific security risks of their environment. Access guidance about password policy, surface-area configuration, credentials, authenticators, and more.

Security Considerations for Databases and Database Applications http://go.microsoft.com/?linkid=7243608

The SQL Server 2005 Database Engine helps you protect data from unauthorized disclosure and tampering. Learn about highly granular authentication, authorization, and validation mechanisms; strong encryption; security context switching and impersonation; and integrated key management.

SQL Server 2005 Security Best Practices: Operational and Administrative Tasks http://go.microsoft.com/?linkid=7243609

This white paper covers some of the operational and administrative tasks associated with SQL Server 2005 security and lists best practices and operational and administrative tasks that will result in a more secure SQL Server system.

Protect Sensitive Data Using Encryption in SQL Server 2005 http://go.microsoft.com/?linkid=7243610

SQL Server 2005 uses strong encryption to provide the best protection for data, a nearly inviolate barrier to exposure. Explore the encryption features in the core database engine of SQL Server 2005, and learn how they can be used to protect data stored there as well as how to allow user interaction with protected data. Also discussed are the various keys used to protect both data and other keys within a database, and how to get information about encryption objects.

Securing Analysis Services http://go.microsoft.com/?linkid=7243612

The process of securing Microsoft SQL Server 2005 Analysis Services (SSAS) occurs at multiple levels. Learn how to secure each instance of Analysis Services and its data sources to make sure that only authorized users have read or read/write permissions to selected cubes, dimensions, cells, mining models, and data sources, and to prevent unauthorized users from maliciously compromising sensitive business information.

ttfn

David