Security Tips

When designing a SQL Server database that will be accessed by public sources, here are a few guidelines to keep in mind:

Don't expose more than you have to. In most cases, you will want to retain the majority of your data behind the 'firewall', and supply a mechanism to access this data. Always keep in mind that any security can be compromised and, as such, preventative measures must be in place that assume that this will occur. One recommendation is to store only high-volume transactional data on the SQL Server that is directly accessed from a Web site. Supportive information can be maintained on a separate secured system, and retrieved as needed using Remote Stored Procedures, or other similar technologies.
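The split described above can be sketched in T-SQL as follows. This is an added example, not code from the original text. It assumes the linked-server syntax of current SQL Server releases, and every server, database, login and procedure name in it (BACKEND_SRV, SupportDB, web_app, web_lookup, usp_GetCustomerProfile) is hypothetical.

```sql
-- Added example. All names are hypothetical; the password is a placeholder.
-- Run on the Web-facing SQL Server unless a comment says otherwise.

-- 1. Register the secured back-end server and allow outbound
--    remote procedure calls to it.
EXEC sp_addlinkedserver @server = N'BACKEND_SRV', @srvproduct = N'SQL Server';
EXEC sp_serveroption @server = N'BACKEND_SRV',
                     @optname = 'rpc out', @optvalue = 'true';

-- 2. Remove the default mapping that passes every local login through
--    with its own credentials, then map only the Web application's
--    login to a low-privilege login on the back end.
EXEC sp_droplinkedsrvlogin @rmtsrvname = N'BACKEND_SRV', @locallogin = NULL;
EXEC sp_addlinkedsrvlogin  @rmtsrvname = N'BACKEND_SRV',
                           @useself = 'false',
                           @locallogin = N'web_app',
                           @rmtuser = N'web_lookup',
                           @rmtpassword = N'<set-at-deploy-time>';
GO

-- 3. Local wrapper: the only route from the Web site to the supportive data.
--    It returns one customer's record per call; no remote table is exposed.
CREATE PROCEDURE dbo.usp_GetCustomerProfile
    @CustomerID int
AS
BEGIN
    SET NOCOUNT ON;
    EXEC BACKEND_SRV.SupportDB.dbo.usp_GetCustomerProfile
         @CustomerID = @CustomerID;
END;
GO

-- 4. The Web login may execute the wrapper and nothing else is granted here.
GRANT EXECUTE ON dbo.usp_GetCustomerProfile TO web_app;
GO

-- 5. Run on BACKEND_SRV, in SupportDB: the mapped login gets EXECUTE on the
--    one procedure and no direct table permissions, so a compromised
--    Web-facing server can request single records but cannot query or
--    dump the supportive tables.
-- GRANT EXECUTE ON dbo.usp_GetCustomerProfile TO web_lookup;
```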

© 1997 by Wrox Press. All rights reserved.