Please start any new threads on our new
site at https://forums.sqlteam.com. We've got lots of great SQL Server
experts to answer whatever question you can come up with.
| Author |
Topic |
|
learntsql
524 Posts |
 Posted - 2011-02-24 : 00:22:18
|
| Hi All,we are planing to implement security concepts in our all projects.Primarly we planned to implement basics like 1.disable SA login2.create individual login for each developer.3.one SQL Admin account for each project to put in application.Please guide me what else we missed as part basic security administration and also guide what is the step by step process to be followed?What other concepts can be impemented?How to prepare the documentation?Please guide me.TIA. |
|
|
learntsql
524 Posts |
Posted - 2011-03-01 : 01:44:16
|
| Gurus any Idea/help.... |
 |
|
|
Sachin.Nand
2937 Posts |
Posted - 2011-03-01 : 02:57:48
|
quote:
1.disable SA login
Thats a good idea.But my advice would be to rename it to something else so that it cant be guessed.Something like Alter Login [sa] With Name='MySA'quote:
2.create individual login for each developer.
It makes sense but from maintenance prespective it will be an overhead.Instead create a UserGroup in your domain, add the windows login of the developers in that UserGroup and map that login to the desired database.I wouldnt go with individual SQL login for each developer.quote:
3.one SQL Admin account for each project to put in application.
Why do you need an Admin Account to put in application ? Create a login which are mapped to sp_datareader and sp_datawriter roles only.PBUH |
|
|
|
learntsql
524 Posts |
Posted - 2011-03-01 : 04:10:38
|
| Thanks a lot Sachin....working on same....any more sugestions are welcome... |
|
|
|
|
|
|
Introducing security