Thursday, August 6, 2015

What is Attack Surface Area?

It is not something unusual to be seen, most of us, during the installation of SQL Server, most of the components of SQL Server are installed even though they are not intended to use. It is true that features given with SQL Server add extra benefits and functionalities to the organization but they come with certain amount of risk as well. This introduces Attack Surface Area: the attack surface is the set of points that an attacker can try to access data.

For an example, during the SQL Server installation, we can enable either Windows Authentication or Mixed Mode. Enabling Mixed Mode allows users to connect with non-Windows accounts but introduces a security risk too. Likewise, there are components such as Ad-Hoc Distributed Quaries, CLR, Xp_CmdShell and Database Mail. Certainly, these are very important features but should not be installed if they are not required. This minimizes the attack surface area reducing the opportunities for security vulnerabilities. Not only that it reduces the resource utilization and cost of management of added extra features.

No comments: