Assessing SQL Server User Vulnerability and Data Loss

Abstract

By using the tools provided by SQL server we are going to verify some parameters on the database user accounts to determine their vulnerabilities. Run scripts to check if the users have their account passwords set to expire or if they have not changed their password in a while since this is a security vulnerability. We want to prevent a malicious user or a hacker to access out data and compromise information and suffer data loss. In this project we are going to develop a trigger that checks whether the user account expiration has been unchanged in a long time and user built-in tools like reporting services to help the system administrator to disable accounts that haven’t change their password or notify if the user still active. Also, we are going to assessthe recovery of data that has been erased at a row level by making use of the transaction log. Key Terms - Account Vulnerability, Backup, MS-SQL, Privacy.