Every once in a while we hear about the nightmare situation where a SQL Server has been broken into and data has been stolen. All too often this happens because the SQL Server is exposed directly to the public Internet. When you ask people why the SQL Server is connected to the Internet, the answer is pretty much always the same: to make it easier to manage, so that they don’t have to RDP to the server and manage it from there.
While this is easier, it sure isn’t the safest solution. A much better solution would be to set up a VPN between the office and the data center, so that the connection is secured and people on the public Internet can’t reach the SQL Server at all. This will prevent people who aren’t supposed to be connecting to the SQL Server from connecting to it.
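One way to check that rule on an exported firewall rule set, as an added example that is not from the original post: the sketch below flags any allow rule that lets the default SQL Server ports (TCP 1433, UDP 1434 for the Browser service) be reached from a source outside the VPN and office networks. The rule format, rule names and address ranges are constructed for illustration, and rules are judged independently, without modelling rule ordering.

```python
import ipaddress

# Default SQL Server ports: TCP 1433 (default instance), UDP 1434 (SQL Server Browser).
SQL_PORTS = {("tcp", 1433), ("udp", 1434)}

def covers_port(spec, port):
    """True if a port spec ('any', '1433', '1400-1500', '80,1433') includes port."""
    if spec.strip().lower() == "any":
        return True
    for part in spec.split(","):
        low, _, high = part.strip().partition("-")
        if int(low) <= port <= int(high or low):
            return True
    return False

def source_is_trusted(source, trusted):
    """True only if the whole source range sits inside one trusted network."""
    if source.strip().lower() == "any":
        return False
    net = ipaddress.ip_network(source, strict=False)
    return any(net.version == t.version and net.subnet_of(t) for t in trusted)

def audit_rules(rules, trusted_cidrs):
    """Return (rule name, source, exposed ports) for each rule exposing SQL Server."""
    trusted = [ipaddress.ip_network(c) for c in trusted_cidrs]
    findings = []
    for rule in rules:
        if rule["action"] != "allow":
            continue
        proto = rule["protocol"].lower()
        hit = sorted(p for (pr, p) in SQL_PORTS
                     if proto in (pr, "any") and covers_port(rule["ports"], p))
        if hit and not source_is_trusted(rule["source"], trusted):
            findings.append((rule["name"], rule["source"], hit))
    return findings

# Constructed sample data: hypothetical VPN and office subnets, hypothetical rules.
TRUSTED = ["10.8.0.0/24", "192.168.10.0/24"]
RULES = [
    {"name": "sql-from-anywhere", "action": "allow", "protocol": "tcp", "ports": "1433", "source": "any"},
    {"name": "sql-from-vpn", "action": "allow", "protocol": "tcp", "ports": "1433", "source": "10.8.0.0/24"},
    {"name": "wide-range", "action": "allow", "protocol": "tcp", "ports": "1024-65535", "source": "203.0.113.0/24"},
    {"name": "browser-any", "action": "allow", "protocol": "udp", "ports": "1434", "source": "any"},
    {"name": "rdp-any", "action": "allow", "protocol": "tcp", "ports": "3389", "source": "any"},
    {"name": "deny-sql", "action": "deny", "protocol": "tcp", "ports": "1433", "source": "any"},
]

if __name__ == "__main__":
    for name, source, ports in audit_rules(RULES, TRUSTED):
        print(f"EXPOSED  {name}: ports {ports} reachable from {source}")
```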
I talk about this more in Chapter 1 of “Securing SQL Server”. Check it out on Amazon, which will actually let you read a good portion of Chapter 1 online for free.