GilaMonster (9/7/2013)
Don't use sa. Use specific accounts for specific users with minimal permissions. Strong passwords or preferably windows authentication.
+1. In fact, just disable the sa login completely. If you have Windows logins that are members of the sysadmin group, you'll have access.