* * Disclaimer ** Use this script at your own risk. This script works on SQL 2012 and higher.
#Server user activity audit how to#
If security issues are found, explanation(s) and recommendation(s)Īre show and how to made the change(s) with either SSMS or T-SQL script(s). The report shows the summary of the server's information, analyzes of possible dangerous setting andĪnalyzes the security configuration. This script will analyze the SQL Server setting and produce a report on the findings QL Server nalysis and ecurity udit ool (SASAT) Also see my article "SQL Server System Audit Report" to learn more /*
Therefore I wrote my own T-SQL script to help and is based on best practices from Microsoft, CIS (Center for Internet Security) and others with the results verified with Nessus application from Tenable. Over the years I have not found a simple, easy to use, and free tool to help with the evaluation of the system. For example, does this application require features like Full Text Search or Analysis Services? Are you using the default port number? Which protocols are turned on but not used? Depending on the answer these could increase the possibility of security risks. However this can change with the features you install and/or settings that are changed. The DBA(s) needs to configure the system to minimize the “attack surface” (reducing security risks) to help in the protection of the business data.Ĭurrently when installing later versions of SQL Server, Microsoft does its best to secure the system. Ensuring that your SQL Server is secure is the job of every Database Administrator (DBA). With every technology, security is in the forefront of the minds of professionals around the world.
0 kommentar(er)
