User347430248 posted
Hi
Raja.India,
you need to take care about many things to secure SQL Server and your database.
Physical Security
Best practices for physical security strictly limit access to the physical server and hardware components.
For example, use locked rooms with restricted access for the database server hardware and networking devices.
In addition, limit access to backup media by storing it at a secure offsite location.
Operating System Security
Operating system service packs and upgrades include important security enhancements.
Apply all updates and upgrades to the operating system after you test them with the database applications.
SQL Server Operating System Files Security:
SQL Server uses operating system files for operation and data storage.
Best practices for file security requires that you restrict access to these files.
Principals and Database Object Security:
Principals are the individuals, groups, and processes granted access to SQL Server.
“Securables” are the server, database, and objects the database contains.
Each has a set of permissions that can be configured to help reduce the SQL Server surface area.
Encryption and Certificates:
Encryption does not solve access control problems. However,
it enhances security by limiting data loss even in the rare occurrence that access controls are bypassed.
For example, if the database host computer is misconfigured and a malicious user obtains sensitive data,
such as credit card numbers, that stolen information might be useless if it is encrypted.
Reference:
Securing SQL Server
other links that may give you some more information
How to Secure a Microsoft SQL Server 2012/2014 Database?
Top 10 security considerations for your SQL Server instances
SQL Server Security Tips
Regards
Deepak
