Database Security
Microsoft SQL Server can be accessed with SQL Server logins (username and password pairs) or with Windows integrated authentication. It is strongly recommended that only integrated authentication be used for SQL Server systems.
The CCF default installation defines different roles for database users. Agents should not have direct access to a database; instead, they should always work with stored data through applications, which control database access.
The database should not be accessed from a client desktop, but only through Web services. This limits the access that agents have. Database errors should be logged on the Web services tier, and those logs should not be visible to agents.
Any access to the database should be through parameterized stored procedures. Building SQL statements from strings in application code is risky because it can permit SQL injection: a user could enter data containing a SQL statement that, when run, modifies the database or returns confidential data that the user was not supposed to receive.
The privileges set for stored procedures should be based on who needs to use them. For instance, agents should not be permitted to run administrative stored procedures.
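The two preceding points, parameterized stored procedures and procedure privileges granted by role, as an added T-SQL example that is not part of the original page or of CCF itself. The table, column, procedure, role and service-account names (dbo.CallRecords, CustomerId, CcfAgentRole, DOMAIN\CcfAppService) are assumed for illustration.

```sql
-- Added example, not from the original page or from CCF itself: a customer
-- call-record lookup done the recommended way. Table, column, procedure and
-- role names (dbo.CallRecords, CustomerId, CcfAgentRole) are assumed.

-- UNSAFE: the parameter is spliced into dynamic SQL, so wrapping the query in
-- a stored procedure gives no protection. A value containing a quote followed
-- by SQL text is executed as written.
CREATE PROCEDURE dbo.usp_GetCallRecords_Unsafe
    @CustomerId NVARCHAR(20)
AS
BEGIN
    DECLARE @sql NVARCHAR(MAX) =
        N'SELECT CallId, StartedAt, Notes FROM dbo.CallRecords '
      + N'WHERE CustomerId = ''' + @CustomerId + N''';';
    EXEC (@sql);
END
GO

-- SAFE: the value is bound as a typed parameter and is never parsed as SQL.
CREATE PROCEDURE dbo.usp_GetCallRecords
    @CustomerId INT
AS
BEGIN
    SET NOCOUNT ON;
    SELECT CallId, StartedAt, Notes
    FROM dbo.CallRecords
    WHERE CustomerId = @CustomerId;
END
GO

-- Least privilege: the agent role may execute only this procedure. It gets no
-- SELECT on the table (ownership chaining lets the dbo-owned procedure read it
-- anyway) and no GRANT on administrative procedures, so those are refused.
CREATE ROLE CcfAgentRole;
GRANT EXECUTE ON OBJECT::dbo.usp_GetCallRecords TO CcfAgentRole;
GO

-- The application's Windows service account (placeholder name) joins the role;
-- with integrated authentication no password is stored in the application.
CREATE USER [DOMAIN\CcfAppService] FOR LOGIN [DOMAIN\CcfAppService];
ALTER ROLE CcfAgentRole ADD MEMBER [DOMAIN\CcfAppService];
GO

-- The application calls it as a stored procedure with a typed parameter:
EXEC dbo.usp_GetCallRecords @CustomerId = 1042;
```

The unsafe procedure is shown only to make the point that a stored procedure protects nothing if it concatenates its own inputs into dynamic SQL; only the bound-parameter form should exist in a deployment.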
Finally, encrypt all personal information in the database, including customer identification and call records, because they might contain data such as credit card numbers.
Writing Secure Code (Second Edition) has an excellent section on database security.