Security, when possible, should follow the KISS principle: Keep It Simple, Stupid! The more unnecessarily complex security is, the more likely for a weakness or vulnerability to work its way in. Therefore, it's best to start looking at security from the top down. Going the other direction tends to leave us overwhelmed in the details.
In this presentation, we'll look at SQL Server security from the top down. We'll consider particular scenarios that come up often in deployed systems and talk through how to implement security using the various options we have available: Windows users and groups, SQL Server logins, server and database roles, and object-level permissions. By covering these examples from a top-down perspective, we'll be able to delineate our security goals and work towards the best way to implement them. Our scenarios will include examples from 3rd party application deployments as well as home grown solutions.
K. Brian Kelley is a SQL Server author, columnist, and Microsoft MVP focusing primarily on SQL Server and Windows security. In addition to being a database administrator, he has served as an infrastructure and security architect encompassing solutions with Citrix, virtualization, and Active Directory. Brian is also a Certified Information Systems Auditor (CISA) and has been the head of a financial organizationís computer incident response team. Brian is active in the IT community having spoken at DevConnections, SQL Saturdays, code camps, and user groups. He is also the President of the Midlands PASS Chapter, a Professional Association for SQL Server Chapter located in Columbia, SC.
To access materials please fill out the form below.