One of the most important responsibilities of a SQL Server Database Administrator is to make sure that the SQL Servers instances which they manage are completely secure. Securing SQL Server is not as simple as just ensuring that the unused features of SQL Server are not enabled unless they are really required. In my last article titled Surface Area Configuration Using Policy Based Management we discussed the different features which are disabled by default and and how you can enable then in SQL Server 2008 if required. Database Administrators should also periodically analysis SQL Server permissions in order to ensure that there are no logins and users who are have unwanted SQL Server and Database access respectively. If there are any such logins or users existing then they should be removed. In this article we will see how database administrators can analysis SQL Server permissions on both SQL Server 2005 and SQL Server 2008 systems.
The article continues at http://www.sql-server-performance.com/articles/dba/Analyzing_SQL_Server_Permissions_p1.aspx