<div>
I have already done this:<br />
<br />
* Remove Built in administrator user from SQL Server<br />
* Create a user with sysadmin priviledge and Disable sa account.<br />
* Grant only the required priviledges for users in your SQL Server..<br />
<br />
(got those from another thread)<br />
<br />
thanks!
</div>


I have already done this:

* Remove Built in administrator user from SQL Server
* Create a user with sysadmin priviledge and Disable sa account.
* Grant only the required priviledges for users in your SQL Server..

(got those from another thread)

thanks!

<div>
<div class="content wysiwyg-content">
I'm looking for a good checklist for security measures to take on a SQL server. The server is in our server-LAN and It contains databases for several different systems. Some are in the DMZ of our ISA-server. &nbsp;
</div>
</div>


I'm looking for a good checklist for security measures to take on a SQL server. The server is in our server-LAN and It contains databases for several different systems. Some are in the DMZ of our ISA-server.  

Security checklist for MS SQL (2005)

Microsoft SQL Server is a suite of relational database management system (RDBMS) products providing multi-user database access functionality.SQL Server is available in multiple versions, typically identified by release year, and versions are subdivided into editions to distinguish between product functionality. Component services include integration (SSIS), reporting (SSRS), analysis (SSAS), data quality, master data, T-SQL and performance tuning.

Microsoft SQL Server

Security is the protection of information systems from theft or damage to the hardware, the software, and the information on them, as well as from disruption or misdirection of the services they provide. The main goal of security is protecting assets, and an asset is anything of value and worthy of protection.  Information Security is a discipline of protecting information assets from threats through safeguards to achieve the objectives of confidentiality, integrity, and availability or CIA for short. On the other hand, disclosure, alteration, and disruption (DAD) compromise the security objectives.

Security

Network security consists of the policies adopted to prevent and monitor authorized access, misuse, modification, or denial of a computer network and network-accessible resources. Network security involves the authorization of access to data in a network, and covers a variety of computer networks; conducting transactions and communications among businesses, government agencies and individuals. Networks can be private, such as within a company, and others which might be open to public access.