SQL Server Security blog
I need, You need, We all need Security
   2 min read    Rob Kraft

Microsoft’s SQL Server product, like so many software products, can be vulnerable to unwanted actions that cause harm to organizations. The responsibility for making a SQL Server secure does not rest with a security team, nor a DBA, nor a network administrator. It requires people in all of these roles to take the appropriate steps. It also requires software developers to write applications that mitigate the risk of SQL Injection. Finally, it requires ongoing surveillance to ensure security remains strong.
more