Several new security enhancements have been added to SQL Server 2008 to make it more secure and safe.
Some of the new changes are as follows:
- Local Groups Removed from sysadmin: Many local network groups that were added to the sysadmin server role in previous versions are no longer added to this role by default. Some of these accounts include SQLServerMSSQLUser$ COMPUTERNAME $ INSTANCENAME and SQLServerAgentUser$ COMPUTERNAME $ INSTANCENAME.
- BUILTIN\Administrators: This local Windows group is no longer included in the SQL Server sysadmin role. In prior versions, the BUILTIN\Administrators account was part of this role, which enabled network administrators to access SQL Server instance even though they were not given explicit permissions. We still have the option to manually add this group to the sysadmin role..
- Removed Surface Area Configuration (SAC): This was introduced in SQL Server 2005, but it has been removed in SQL Server 2008.