SQL Server 2005 Toes Trustworthy Line

SQL Server 2005 reduces the number of potential points of attack at install time by adhering to the principle of “secure by default,” part of Microsoft’s companywide Trustworthy Computing initiative. In addition, the release addresses a number of security deficiencies in previous SQL Server releases, helping SQL Server 2005 administrators more easily manage database security. However, some new features may cause compatibility problems with existing applications or procedures.

Secure by Default

According to the secure-by-default principle, software must install in its most secure configuration and remain in that state until the user or administrator actively changes the configuration. For example, if a product is secure by default, only a minimal set of features are available on installation, and any additional features require administrator authentication before they can be installed or activated. This makes the product considerably less vulnerable to attack.

Many SQL Server 2005 services and features, such as Analysis Services and Integration Services, require administrator action before they will run. SQL Server 2005 includes a new utility (called the Surface Area Configuration Tool) to help administrators configure servers. The tool provides a graphical user interface that allows administrators to enable or disable SQL Server services, features, and communications protocols.