Plan SQL Server Database Security

Although the SQL Server database will contain no user passwords or other highly confidential information, it will contain a list of user accounts, information about what users are allowed to access what resources, and other information that could be used for nefarious purposes. In considering the security of the database, you should ask yourself several questions:

  • Who will be allowed to write to the database?
  • Who will be allowed to read from the database?
  • What accounts will be used to access the database?

Data is written to the database in several cases:

  • When a collector copies events to the database.
  • When the LDBUpdate process writes information from Active Directory to the database.
  • When administrators perform maintenance operations on the database (for example, creating or restoring event archives).