Always sa

James Anderson rails against inappropriate sa account usage:

I can already hear managers saying:

If you don’t trust your employees, why employ them in the first place?

Well, there is the whole accidental damage thing. I guess you could cover that by having a good backup\restore process (if your RTO and RPO permitted the downtime) but don’t expect to pass any security audits coming your way. Hint: your clients won’t like this.

Plus, supposing everybody knows the sa account, there’s no way to know who accidentally(?) dropped the customer database.
