What are the security risks of using hosted SQL

Tags:
Hosted servers
Hosted services
SQL Server
SQL Server Hosted Servers
SQL Server security
B"H Wherever I look I see that no one recommends having your SQL Server available on the Internet (public IP). Everyone says that you should only have local machines access your SQL. If you need to access your SQL then you should VPN into your secure network and then have access, or you should proxy your request through a web service which gives you the exact data you need. Yet on the other hand I see many companies ready to host SQL and everyone is pushing the cloud. So what are the security risks of leaving your SQL on the net and how is that mitigated or not applicable when we are talking about SQL Azure from Microsoft, or MySQL in the cloud from Amazon or Google, or hosting SQL at any of the hosting solutions out there? Thank you.

Answer Wiki


When you host your database server on the public internet and have no rules preventing the public internet from accessing it, the risks are the same no matter what platform you use. There is the risk of a brute force attack against the database using the administrator account. These admin accounts always have the same username (root for MySQL, sa for MS SQL, and system for Oracle), so the only issue becomes finding the password.

Hosting providers (and Microsoft via SQL Azure) will set an extremely hard to find password, and they will change this password on a regular basis.

It is still a best practice to not allow direct access to the database. In fact many hosting providers do not allow direct access to the database servers.
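
For anyone who does leave a SQL Server reachable, the following is an added example (not part of the original answer) of spotting the brute-force pattern described above in the SQL Server error log. It flags external clients that repeatedly fail to log in to a default administrator account. The threshold, the time window, the list of internal ranges and the sample log lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta
from ipaddress import ip_address, ip_network

DEFAULT_ADMINS = {"sa", "root", "system"}   # names listed in the answer above
# Assumption: these ranges are "inside"; everything else counts as internet.
INTERNAL = [ip_network(n) for n in
            ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]
# Failed-login line as written to the SQL Server error log.
LINE_RE = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2})\.\d+\s+Logon\s+"
    r"Login failed for user '(?P<user>[^']*)'\..*\[CLIENT: (?P<ip>[^\]]+)\]")

def find_bruteforce(lines, threshold=5, window=timedelta(minutes=1)):
    """Map each external client IP to its peak count of failed default-admin
    logins inside any `window`, keeping only IPs that reach `threshold`."""
    events = defaultdict(list)
    for line in lines:
        m = LINE_RE.match(line)
        if not m or m["user"].lower() not in DEFAULT_ADMINS:
            continue
        try:
            ip = ip_address(m["ip"].strip())
        except ValueError:              # "<local machine>" and similar
            continue
        if any(ip in net for net in INTERNAL):
            continue
        events[str(ip)].append(datetime.strptime(m["ts"], "%Y-%m-%d %H:%M:%S"))
    flagged = {}
    for ip, times in events.items():
        times.sort()
        best = start = 0
        for end, t in enumerate(times):  # sliding time window
            while t - times[start] > window:
                start += 1
            best = max(best, end - start + 1)
        if best >= threshold:
            flagged[ip] = best
    return flagged

def _line(sec, user, ip):               # constructed sample data, not real logs
    return (f"2024-01-01 03:00:{sec:02d}.10 Logon       Login failed for user "
            f"'{user}'. Reason: Password did not match that for the login "
            f"provided. [CLIENT: {ip}]")

SAMPLE_LOG = ([_line(s, "sa", "203.0.113.5") for s in range(6)]
              + [_line(s, "sa", "10.0.0.8") for s in range(6)]
              + [_line(s, "sa", "198.51.100.7") for s in range(2)]
              + [_line(s, "appuser", "203.0.113.9") for s in range(6)])
```

Any address this returns is a candidate for a firewall deny rule, and a non-empty result is itself evidence that the listener is reachable from outside the ranges you consider internal.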

Discuss This Question: 1  Reply

 
  • Kevin Beaver
    At least consider setting up a VPN tunnel between your server and your other systems.
