SQL 2008 server in Amazon cloud, how to do security?


We have a SQL Server 2008 std on W2k8 Srv.   SQL instance has about 20 separate databases, for access by our different clients with their own login creds.   Our current security is that clients RDP into our LAN, everything inside our 192.x network.    Our primary app is written in VB6 enterprise with connects to the SQL database.

If we move to Amazon AWS, it'll be like moving our existing SQL to public facing internet.  We're also planing to move the VB6 App to the individual desktops of the clients, which effectively takes everyone off our network completely.  The cloud.

We're asking for advice on finding the best, not too expensive, easy would be a plus, way to secure the public SQL box?    Maybe our apps need some specific security programmed in APIs?  Tokens?  SSL?  Tunnel?   We already did the basics things like avoiding port 1433, and strong creds policies, etc, but these are weak.    We're seeking direction to secure a public SQL Server.


LVL 1
JReamAsked:
Who is Participating?
 
shalomcCTOCommented:
just follow the rules in any good SQL hardening guide.
I like this one as a reference
http://www.slideshare.net/markginnebaugh/mistry-hardening-sql-server-2008-implementation-windows-server-presentation

Also, do not neglect the OS side. Use the EC2 security groups to limit DB access only from trusted locations, and to limit RDP access only from the other trusted locations.

0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.