SQL Server Lockdown in Six Steps
Duration: 60 minutes
Track: Enterprise Database Administration & Deployment
I will review the fundamentals needed to define a configurable permission model that allows database administrators to do routine work without having unfettered access to business data.
I will demonstrate that many DBA tasks can be done without sysadmin access and explain what permissions are required for the most common tasks. Attendees will learn how to deploy a permission model that allows DBAs to do routine work and how to elevate permissions quickly to respond to emergencies.
I will demonstrate T-SQL and PowerShell scripts that secure the database server, undo the permission model in case of unforeseen circumstances, and discover which servers are non-compliant.
Attendees will leave this session with the realization that DBAs don’t need to be sysadmin as often as typically believed, that most administration tasks can be done without elevated permissions, and with the means to deploy this model in their own environment.