SQL Server Risk Assessment – The PMP Way

Nov 3, 2013 / By Hemantgiri Goswami


Recently I had a chance to speak with my friend and colleague, Ashish Sharma. We were discussing Project Management topics (he recently passed PMP and ACP). Our discussion ended on a very interesting topic – RISK Assessment.

Definition: According to PMBOK, projects can have unforeseen events or activities that can impact the project’s progress, result, or outcome in a negative or positive way. Further, a risk can be assessed using two factors – impact and probability. Determining the quantitative or qualitative value of risk related to a specific situation or recognized threat is known as Risk Assessment.

So, coming to my point, how do we apply a risk assessment framework for database systems, especially SQL Server?

I, myself, have never created or used a Risk Register for SQL Server. Hence, I decided to do a little more research on the subject. I found absolutely nothing on this particular topic. However, while searching for SQL Server security, I found an article I wrote in 2009 that provides tips on protecting data. 

After spending some time researching, I found a good sample Risk Register that we can use. You can download it here.

Now, this is what we have for a Risk Register. What about threats?

Below, I have identified all of the threats I can think of:

Possible Threats and Risk Mitigation

Virus Attack: Install AV on the DB server; however, do not forget to exclude SQL Server files from scanning.

Unauthorized Logins: Always audit failed login attempts (C2, Windows, SQL or both) and analyze them regularly. Always rename the SA / Admin account and use a strong password mechanism for all the servers. If possible, always try to use domain-authenticated accounts.

MiM Attack: To mitigate a MiM attack, do the following:

  1. Isolate the database server from the Application / IIS server
  2. Configure SQL Server to use a non-default port
  3. Use Encryption / SSL
  4. Use Firewall inbound / outbound rules

Root Access: To avoid someone getting root access, do the following:

  1. Disable / rename the built-in Admin account
  2. Grant least access to the Service Account
  3. Use a strong / random password

SQL Injection: Do the following:

  1. Avoid using Dynamic SQL when you can
  2. Use parameterized query / stored procedure
  3. Always validate the value at form level be
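
The Unauthorized Logins mitigation above asks for failed login attempts to be audited and analyzed regularly; the script below is an added example of that analysis, not code from the original post. It assumes failed-login auditing is enabled so SQL Server writes "Login failed" messages to its error log; the sample lines, function names and the threshold of 3 are constructed for illustration.

```python
import re
from collections import Counter, defaultdict

# Constructed sample in the SQL Server ERRORLOG layout (not real data).
SAMPLE_LOG = """\
2013-11-03 09:13:55.40 spid51      Starting up database 'Sales'.
2013-11-03 09:14:02.11 Logon       Error: 18456, Severity: 14, State: 8.
2013-11-03 09:14:02.11 Logon       Login failed for user 'sa'. Reason: Password did not match that for the login provided. [CLIENT: 10.0.0.23]
2013-11-03 09:14:03.57 Logon       Error: 18456, Severity: 14, State: 8.
2013-11-03 09:14:03.57 Logon       Login failed for user 'sa'. Reason: Password did not match that for the login provided. [CLIENT: 10.0.0.23]
2013-11-03 09:14:05.02 Logon       Error: 18456, Severity: 14, State: 5.
2013-11-03 09:14:05.02 Logon       Login failed for user 'admin'. Reason: Could not find a login matching the name provided. [CLIENT: 10.0.0.23]
2013-11-03 11:30:41.90 Logon       Error: 18456, Severity: 14, State: 8.
2013-11-03 11:30:41.90 Logon       Login failed for user 'app_user'. Reason: Password did not match that for the login provided. [CLIENT: 10.0.0.40]
"""

# Matches only the "Login failed" message line, not the "Error: 18456" line before it.
FAILED = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2})\.\d+\s+Logon\s+"
    r"Login failed for user '(?P<user>[^']*)'\..*\[CLIENT: (?P<client>[^\]]+)\]"
)

def failed_logins(log_text):
    """Yield (timestamp, login, client) for each failed-login message."""
    for line in log_text.splitlines():
        m = FAILED.match(line)
        if m:
            yield m["ts"], m["user"], m["client"]

def summarize(log_text, threshold=3):
    """Per client: failure count, logins tried, and a review flag.

    A client is flagged when it reaches `threshold` failures (assumed value)
    or fails against more than one login name.
    """
    per_client = Counter()
    logins = defaultdict(set)
    for _, user, client in failed_logins(log_text):
        per_client[client] += 1
        logins[client].add(user)
    return {c: {"failures": n, "logins": sorted(logins[c]),
                "flag": n >= threshold or len(logins[c]) > 1}
            for c, n in per_client.items()}

if __name__ == "__main__":
    for client, info in summarize(SAMPLE_LOG).items():
        print(client, info)
```
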