Over the past few weeks I've seen a lot of posts on security and encryption, which has me questioning some of the practices I've implemented at many of my previous jobs. Security is a tough thing to do well, and it requires regular vigilance. I also think it requires the ability to question what you've done on a regular basis and make sure you are not sticking with a flawed method of protection.
In most of my past jobs, I've implemented security like this:
- Separate service accounts for all services, complex passwords not written down
- Common administrator password for all machines (or for large groups of machines)
- Common sa password for all instances
- Change administrator and sa passwords regularly (30-60 days)
My logic has always been that we can change service account passwords, but we want these secure, so they get a long, random string of numbers, letters and symbols that doesn't need to be stored anywhere. These might exist for years, so make them essentially uncrackable.
For the administrator and sa passwords, we have to deal with these as humans, often daily as we log in and out of machines. So let's have something we can deal with. To me that's been a few passwords that we can remember (avoiding the sticky-note problem), changed often enough that they can't easily be cracked.
I'm not sure that's the best method, or even a good one, but it appeared to work well for me. For this Friday's poll, though, I wanted to get some other opinions:
Do you use the same password for many instances or separate ones?
I'm wondering if you think that having separate passwords is a better way of implementing security without creating a huge management issue for your staff. At one company we used Password Safe to store a series of passwords for our machines, and allowed all admins access to the database on a share. However we still had large groups of servers with common passwords because changing them every 30 days was a huge chore. Separate passwords for every machine would likely have meant a 1/4 FTE or more just to handle changing passwords!
These days, with encryption becoming a bigger part of our environments, I think you'd also have to add those keys to your list of security items. I'd think you would have separate keys for encrypting data, but what about the passwords that secure those keys? Keep them the same and re-encrypt regularly?
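As an added example (not Steve's code or anything from the editorial), here is how a key hierarchy answers that last question: the data is encrypted once under a random data encryption key (DEK), and the password only protects a wrapped copy of that DEK, so rotating the password means re-wrapping 32 bytes, not re-encrypting the data. It goes beyond the editorial's question to show the full round trip, using only the Go standard library. The envelope layout, the PBKDF2 work factor, and the sample passwords and payload are assumptions made for this demo.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// Envelope is the stored record: data under a random DEK, DEK under the password-derived KEK.
type Envelope struct {
	Salt       []byte // KDF salt for the current wrap; replaced on every rotation
	WrappedDEK []byte // nonce || AES-256-GCM(KEK, DEK)
	Ciphertext []byte // nonce || AES-256-GCM(DEK, data); never touched by rotation
}

const kdfIterations = 100000 // assumed work factor for this illustration

// deriveKEK is PBKDF2-HMAC-SHA256 (RFC 8018 section 5.2); one 32-byte block T_1 is enough.
func deriveKEK(password string, salt []byte, iter int) []byte {
	prf := hmac.New(sha256.New, []byte(password))
	prf.Write(salt)
	prf.Write([]byte{0, 0, 0, 1})  // INT(1): big-endian block index
	u := prf.Sum(nil)              // U_1 = PRF(P, S || INT(1))
	t := append([]byte(nil), u...) // T_1 = U_1 xor U_2 xor ... xor U_c
	for i := 1; i < iter; i++ {
		prf.Reset()
		prf.Write(u)
		u = prf.Sum(nil) // U_i = PRF(P, U_{i-1})
		for k := range t {
			t[k] ^= u[k]
		}
	}
	return t
}

// must panics on errors that cannot happen here (bad AES key size, CSPRNG failure).
func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}

func randomBytes(n int) []byte {
	b := make([]byte, n)
	must(rand.Read(b))
	return b
}

// gcmSeal returns nonce || ciphertext || tag under a fresh random nonce.
func gcmSeal(key, plaintext []byte) []byte {
	aead := must(cipher.NewGCM(must(aes.NewCipher(key))))
	nonce := randomBytes(aead.NonceSize())
	return aead.Seal(nonce, nonce, plaintext, nil)
}

func gcmOpen(key, sealed []byte) ([]byte, error) {
	aead := must(cipher.NewGCM(must(aes.NewCipher(key))))
	if len(sealed) < aead.NonceSize() {
		return nil, fmt.Errorf("sealed blob too short: %d bytes", len(sealed))
	}
	return aead.Open(nil, sealed[:aead.NonceSize()], sealed[aead.NonceSize():], nil)
}

// Seal encrypts plaintext under a fresh DEK and wraps that DEK with password.
func Seal(password string, plaintext []byte) *Envelope {
	dek, salt := randomBytes(32), randomBytes(16)
	return &Envelope{Salt: salt, WrappedDEK: gcmSeal(deriveKEK(password, salt, kdfIterations), dek), Ciphertext: gcmSeal(dek, plaintext)}
}

// Open recovers the plaintext with the current password.
func Open(env *Envelope, password string) ([]byte, error) {
	dek, err := gcmOpen(deriveKEK(password, env.Salt, kdfIterations), env.WrappedDEK)
	if err != nil {
		return nil, fmt.Errorf("unwrap DEK: %w", err)
	}
	return gcmOpen(dek, env.Ciphertext)
}

// RotatePassword re-wraps the DEK under the new password with a fresh salt; Ciphertext is untouched.
func RotatePassword(env *Envelope, oldPassword, newPassword string) error {
	dek, err := gcmOpen(deriveKEK(oldPassword, env.Salt, kdfIterations), env.WrappedDEK)
	if err != nil {
		return fmt.Errorf("old password rejected: %w", err)
	}
	env.Salt = randomBytes(16)
	env.WrappedDEK = gcmSeal(deriveKEK(newPassword, env.Salt, kdfIterations), dek)
	return nil
}

func main() {
	env := Seal("Spring2009!", []byte("payroll export, batch 42")) // constructed demo input
	before := string(env.Ciphertext)
	fmt.Println(RotatePassword(env, "Spring2009!", "Summer2009!"), before == string(env.Ciphertext))
	fmt.Println(Open(env, "Summer2009!")) // plaintext, <nil>
	fmt.Println(Open(env, "Spring2009!")) // [], old password rejected
}
```

The design point is the split: rotating the password costs one KDF run and one 32-byte re-wrap, however large the data is, and nobody ever has to re-encrypt the data itself unless the DEK is suspected of being compromised. SQL Server's own encryption hierarchy follows the same shape, with the database master key protected by a password (or the service master key) and certificates and database encryption keys layered under it, so changing the password that protects a master key (ALTER MASTER KEY ... ADD/DROP ENCRYPTION BY PASSWORD) re-encrypts that key, not the data beneath it.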
Let us know this Friday how you handle your password security.
The Voice of the DBA Podcasts
The podcast feeds are available at sqlservercentral.mevio.com, or now on iTunes! Comments are definitely appreciated and wanted, and you can get feeds from there.
You can also follow Steve Jones on Twitter.
Today's podcast features music by Everyday Jones. No relation, but I stumbled onto them and really like the music. Support this great duo at www.everydayjones.com.
I really appreciate and value feedback on the podcasts. Let us know what you like, don't like, or even send in ideas for the show. If you'd like to comment, post something here. The boss will be sure to read it.