Microsoft SQL hardening

We offer Microsoft SQL database configuration security audit as a Microsoft Windows system configuration security audit extension.

The objective is to review MS SQL databases configuration and to evaluate it’s data security. In adition to founded weaknesses the audit also includes technical recommendations for their removing.

Supported MS SQL versions

Platforms, which are supported by our audit services:

  • Microsoft SQL Server 2000 / 2005 / 2008

  • We support 32-bit and 64-bit platforms

Security audit needs short configuration data collection (less than 1 hour) on an audited server – remote access is sufficient. Data collection is made with database administrator’s assistance via privileged account. Collected configuration data are processed outside a customer’s seat.

Audit scope

MS SQL database system configuration security audit usually includes following areas:

ID Area
1. Basic Configuration
2. Access Protocols
3. System services
4. SQL Agent
5. Authentication
6. Remote access – Remote Servers
7. Remote access – Linked Servers
8. Server authorization
9. Database schemes
10. Database Users
11. Important DB users and roles attributes
12. Application roles
13. Non/Standard DB Roles
14. Key privileges, object ownership assignation, etc.

Any questions?

If you are interested in more details please contact us.

Ask by e-mail