http://www.sqlservercentral.com/blogs/brian_kelley/2011/04/22/why-having-two-accounts-is-a-good-thing/

Printed 2014/08/30 04:26AM

Why having two accounts is a good thing

2011/04/22

Today on Twitter a friend of mine posted that the AV on his SQL Server flagged two trojans that were tied to an IT person in his organization. Naturally I asked about whether they were using two levels of accounts. The answer was, "No." Two accounts? Whatever for?

The reason for the two levels is that if a piece of malware does come through, it runs under the context of the first account (unless it exploits a vulnerability which allows privilege escalation... patching helps mitigate that). That account doesn't have special rights anywhere, so the amount of damage that can be done is limited. Certainly if one's lower-privilege account gets hit, it means none of the servers are in danger (previous proviso excepted).

Using the second account takes a little getting used to, but it's not hard. Basically you're going to use Run as Different User by holding shift and right-clicking on the icon or, by using runas /user:*username* *application* if it can be seen from the command-line. This ensures that only the process runs as the privileged user, meaning it's protected.

This is a relatively simple security control to implement. It does mean remembering two password and maintaining two sets of accounts. But it mitigates an account being infected by the normal vectors for malware and then other systems downstream getting hit.



Copyright © 2002-2014 Simple Talk Publishing. All Rights Reserved. Privacy Policy. Terms of Use. Report Abuse.