“Performing major tasks to securely administer Adaptive Server” describes the major tasks that are required to securely administer Adaptive Server and refers you to the documentation that contains the instructions for performing each task.
Performing major tasks
to securely administer Adaptive Server
Install Adaptive Server, including auditing – includes preparing for installation, loading files from your distribution medium, performing the actual installation, and administering required physical resources. See the installation documentation for your platform and Chapter 10, “Auditing.”
Set up a secure administrative environment – Set up system administrators and system security officers, create login profiles and establish password and login policies. See Chapter 3, “Managing Adaptive Server Logins and Database Users.”
Set up logins, database users and roles – Add user logins to the server and assign login profiles to them. Create user defined roles, define role hierarchies and mutual exclusivity of roles, and assign roles to logins. Add users to databases. See Chapter 3, “Managing Adaptive Server Logins and Database Users.”
Administer permissions for users, groups, and roles – Grant and revoke permissions for certain SQL commands, executing certain system procedures, and accessing databases, tables, particular table columns, and views. Create access rules to enforce fine-grained access control. See Chapter 6, “Managing User Permissions.”
Configure encryption in your database to encrypt sensitive data in tables. Encrypt sensitive data – Configure Adaptive Server to use column-level encryption, decide which columnar data to encrypt, perform a one-time key creation operation, and use alter table to perform initial data encryption. See Users Guide for Encrypted Columns.
Establish integrity controls over data – Add check constraints, domain roles, and referential constraints to validate incoming data. See Transact-SQL Users guide and Reference Manual: Commands.
Set up and maintain auditing – Determine what is to be audited, audit the use of Adaptive Server, and use the audit trail to detect penetration of the system and misuse of resources. See Chapter 10, “Auditing,” and the Adaptive Server installation and configuration documentation for your platform.
Set up your installation for advanced authentication mechanisms and network security – Configure the server to use services, such as LDAP, PAM, or Kerberos- based user authentication, data confidentiality with encryption, data integrity. See Chapter 5, “External Authentication” and Chapter 9, “Confidentiality of Data.”
