* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Download IT Security, SQL Server and You!
Survey
Document related concepts
Cross-site scripting wikipedia , lookup
Access control wikipedia , lookup
Computer and network surveillance wikipedia , lookup
Outlook.com wikipedia , lookup
Wireless security wikipedia , lookup
Mobile security wikipedia , lookup
Microsoft Security Essentials wikipedia , lookup
Unix security wikipedia , lookup
Cracking of wireless networks wikipedia , lookup
Computer security wikipedia , lookup
Distributed firewall wikipedia , lookup
Security and safety features new to Windows Vista wikipedia , lookup
Security-focused operating system wikipedia , lookup
Transcript
Howard Pincham, MCITP, CISSP Database and Compliance Engineer Hyland Software, Inc. [email protected] Discuss the importance of good security practices. Provide guidance on how to secure SQL Server. Demonstrate repeatable techniques that you can use today! Hottest-selling ’70s/’80s vehicle Most likely to be stolen… why? It was easy to steal Big market for stolen parts Worth the effort to strip “..’cuz that’s where the money is”---Willie Sutton, famed bank robber Cutlass Quarter window and ignition lock Asset Vulnerability Anybody with a screwdriver Threat Likelihood Cutlass is stolen Risk Alarm or kill switch Safeguard You want to access tables in a certain database instance on a laptop. The instance has been hardened by granting access to a single user. The user will not cooperate with you. What actions would you take to access the data? Vulnerability Credentials stored in plaintext Unsecured backup files Unsecured database services and files Poor physical security Safeguard Store credentials in a secure store or network Apply Least Privilege Secure backup folders Encrypt backup files and/or backup volumes Store critical data on systems located in secure rooms or datacenters. You are concerned about the security of data and metadata as it traverses various networks. You suspect that some systems and applications are vulnerable to network based attacks. What actions will you take to test these systems? Vulnerability Untrusted clients can identify and interrogate SQL Server instances Transaction data and SQL logins are transmitted in plaintext SQL login credentials can be configured to allow blank passwords SQL Injection and other hacks can compromise the server Safeguard “Hide” instances, isolate servers Isolate network traffic and/or use encrypted connections Apply password policies, use Windows Authentication Apply single use servers, least privilege and use secure coding. WEBSERVERA Local Area Network SQLSERVERA WEBSERVERA External/Client Untrusted SQLSERVERA Trusted Access Management Network Access Protection Business Continuity Configuration Management Change Management Content Management Data Protection Data Lifecycle Management Disaster Recovery Encryption Key Management Identity Management Network Access Protection Intrusion Detection Retention Management Issue Management Surface Area Configuration Patch Management Security Updates Separation of Duties http://csrc.nist.gov/ http://microsoft.com/security www.sans.org/top20/2002/mssql_checklist.pdf technet.microsoft.com/en-us/library/cc646023.aspx#BKMK_basic technet.microsoft.com/en-us/security/cc184924.aspx www.darkreading.com/database_security http://blogs.msdn.com/b/sqlsecurity/archive/2010/07/26/securitychecklists-on-technet-wiki.aspx http://www.cisecurity.org/tools2/sqlserver/CIS_SQL2005_Benchmark_ v1.1.1.pdf Portqry http://support.microsoft.com/kb/310099 Network Monitor http://blogs.technet.com/b/netmon/ Nessus http://www.nessus.org/nessus/ Metasploit http://www.metasploit.com/ EPM http://epmframework.codeplex.com/ Windows Firewall http://technet.microsoft.com/enus/library/cc732283(WS.10).aspx