Skip to main content
SpringerLink
Log in
Apress
Book cover

Securing SQL Server

DBAs Defending the Database

  • Book
  • © 2016

Overview

Authors:
  1. Peter A. Carter

    1. Botley, United Kingdom

    View author publications

    You can also search for this author in PubMed   Google Scholar

  • Provides real-world examples and discussion on the implementation of security

  • Helps in implementing an encryption strategy that best suits your needs

  • Promotes a proactive approach to security, including threat analysis and defence-in-depth

This is a preview of subscription content, log in via an institution to check access.

Access this book

Log in via an institution
eBook USD 19.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever

Tax calculation will be finalised at checkout

Other ways to access

Licence this eBook for your library

Institutional subscriptions

Table of contents (9 chapters)

  1. Front Matter

    Pages i-xix
    Download chapter PDF

  2. Threat Analysis

    • Peter A. Carter
    Pages 1-13

  3. SQL Server Security Model

    • Peter A. Carter
    Pages 15-33

  4. SQL Server Audit

    • Peter A. Carter
    Pages 35-53

  5. Data-Level Security

    • Peter A. Carter
    Pages 55-67

  6. Encryption in SQL Server

    • Peter A. Carter
    Pages 69-96

  7. Security Metadata

    • Peter A. Carter
    Pages 97-115

  8. Implementing Service Accounts for Security

    • Peter A. Carter
    Pages 117-128

  9. Protecting Credentials

    • Peter A. Carter
    Pages 129-142

  10. Reducing the Attack Surface

    • Peter A. Carter
    Pages 143-160

  11. Back Matter

    Pages 161-164
    Download chapter PDF
Back to top

Keywords

About this book

Protect your data from attack by using SQL Server technologies to implement a defense-in-depth strategy, performing threat analysis, and encrypting sensitive data as a last line of defense against compromise. The multi-layered approach in this book helps ensure that a single breach doesn't lead to loss or compromise of your data that is confidential and important to the business. 


Database professionals in today's world deal increasingly often with repeated data attacks against high-profile organizations and sensitive data. It is more important than ever to keep your company’s data secure. Securing SQL Server demonstrates how administrators and developers can both play their part in the protection of a SQL Server environment.


This book provides a comprehensive technical guide to the security model, and to encryption within SQL Server, including coverage of the latest security technologies such as Always Encrypted, Dynamic Data Masking, and Row Level Security. Most importantly, the book gives practical advice and engaging examples on how to defend your data -- and ultimately your job! -- against attack and compromise.

  • Covers the latest security technologies, including Always Encrypted, Dynamic Data Masking, and Row Level Security
  • Promotes security best-practice and strategies for defense-in-depth of business-critical database assets 
  • Gives advice on performing threat analysis and reducing the attack surface that your database presents to the outside world

What You Will Learn
  • Perform threat analysis
  • Implement access level control and data encryption
  • Avoid non-reputability by implementing comprehensive auditing
  • Use security metadata to ensure your security policies are enforced
  • Apply the latest SQL Server technologies to increase data security
  • Mitigate the risk of credentials being stolen

Who This Book Is For 


SQL Server database administrators who need to understand and counteract the threat of attacks against their company’s data. The book is also of interest to database administrators of other platforms, as several of the attack techniques are easily generalized beyond SQL Server and to other database brands.

Authors and Affiliations

  • Botley, United Kingdom

    Peter A. Carter

About the author

Peter A Carter is a SQL Server expert, with over a decade of experience in developing, administering, and architecting SQL Server platforms and data-tier applications. Peter was awarded an MCC by Microsoft in 2011 to sit alongside his array of MCTS, MCITP, MCSA and MCSE certifications in SQL Server from version 2005 onwards. His passion for SQL Server shows through in everything he does, and his goal is that his passion for the technology will inspire others.

Bibliographic Information

Publish with us

Policies and ethics

Back to top

Search

Navigation