Professional Microsoft SQL Server 2014 Administration
by Adam Jorgensen, Bradley Ball, Steven Wort, Ross LoForte, Brian Knight
Chapter 8Securing the Database Instance
WHAT'S IN THIS CHAPTER?
- Understanding SQL Server authentication types
- Understanding Windows authentication types
- Authorizing object-level security
- Maintaining row-level security
WROX.COM CODE DOWNLOADS FOR THIS CHAPTER
The wrox.com code downloads for this chapter are found at www.wrox.com/go/prosql2014admin on the Download Code tab. The code is in the Chapter 8 download and individually named according to the names throughout the chapter.
Security of a Microsoft SQL Server instance is probably one of the least sexy topics out there today. And, unfortunately, that will probably remain the case for many years to come, if not forever. However, proper security for the database instance is extremely important because without it, there is no way to guarantee that the data stored within the SQL Server instance is the data expected to be there.
Changes that an attacker could make to the data within an instance of SQL Server could be as small as simply changing names or changing the prices for products, to injecting JavaScript or HTML that is served to customers or employees via their web browser, which then executes unexpected code on their machine. These changes could be minor; however, more than likely, they could install some sort of dangerous application on the user's computer such as a Trojan horse or key logger.
So, in reality, anything can happen, and it is best to be prepared for all scenarios. Your corporate databases are key strategic ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access