Problem
How often do we do Security Reviews for your SQL Server Instances? We aim to stay on top of security and to be able to so we need to regularly review your Instance security configurations. It’s helpful to build a checklist to be used as part of an internal security audit review, and follow that checklist every time you conduct an audit. I don’t know about you, but the latter sounds boring to me. What would be awesome is to take that checklist and automate the whole SQL Server Security Review.
Solution
The PowerShell Script below will evaluate your Instance level, Database Level Access and SQL Server Security options, and generate a HTML Report for you to check for any potential threats
The Script already has help associated with it so you can download and simply use help to figure out how to use the script or alternatively you can download it to a PS-Scripts folder and provide parameters as shown below,
PS C:\PS-Scripts\Get-SQLSecurityReview -computer ServerName -instance ServerName\SQLInstance -report C:\temp\ServerName-Security_Review.html
Verified on following platforms
- PowerShell v2.0 and higher versions
- Microsoft SQL Server 2008 and higher versions
- Windows Server 2008 and higher versions
Execution View
Download Link
Sample Report
Click here to see the sample SQL Server Security Review Report
Get Help
Get-Help .\Get-SQLSecurityReview.ps1 -Detailed
The 'Cloud' Workbook 