K. Brian Kelley Microsoft Data Platform MVP and Infrastructure & Security Architect Brian Kelley is an author, columnist, and Microsoft Data Platform (SQL Server) MVP focusing primarily on SQL Server security. Brian currently serves as a infrastructure and security architect working primarily with Active Directory, SQL Server, and Windows Server. He has served in a myriad of other positions including senior database administrator and architect, developer, incident response team lead, and project manager. He is currently one of the editors of the SQL Server benchmarks at the Center for Internet Security.
Slides will be posted on Brian’s blog:
Databases – Infrastructure – Security
Follow Brian on Twitter, @kbriankelley, and LinkedIn |
Performing a SQL Server Security Risk Assessment
You have one or more SQL Servers and you want to assess the security of each. What’s a priority? What puts your organization at the greatest risk? What should you attack first?
In this presentation, we’ll look at how to do a security risk assessment of SQL Server. We’ll cover the common big ticket items, the ones that could lead to a server breach, data loss, or a system becoming unavailable due to mismanagement. Also, we’ll discuss how to assess other items which you may find and how to rank and prioritize them. Armed with this information, you’ll be better equipped to provide a to do list to your management with justifications and relative impact for each proposed change.
|