OK Steve, you have me interested. I consider SQL Security to be as complex as anything I have seen. I have zero issues configuring my Windows server to be as secure as possible. I think I know enough to do things right, but I don't know "why" to choose one selection over another. Vendors still push for "sa" accounts for access and there is little I can do when I am told to implement a system with that poor of a design, but there are systems that I have more control over. The article above yours mentions "teaching a man (woman) to fish".

What do you suggest as the best resource for security in SQL Server 2008 R2?

Preferably a nice set of articles like the ones SQLServerCentral is doing for SSRS, or how about a good book, maybe even a blog somewhere?

Even those of us who consider themselves experts in this vein should benefit by reading more about it. For those of us who struggle with it, good information can be trememndous. I know BO has information, but to me that is more of a reference, and useful once you know what you want to do. A good primer, followed by good detail, is usually easier for most of us to pick up.

Dave