This weekend, I was installing SQL Server 2000 on one of my client's servers (essentially upgrading from SQL Server 7.0). I was looking for a good SQL Server resource on security in my library when I found this: SQL Server Security by Chip Andrews, David Litchfield, and Bill Grindlay (published 2003). I read a few chapters for a quick review, and so far this is an impressive book. It is an easy read, but it is also full of very useful information. The best part, and especially for me this weekend, was the extensive security checklist included at the end of the book. This details how to lock down SQL Server (7.0 or 2000) after it has been installed.
Here is a summary of the chapters in the book:
Most of this was a review for me, but I found some fresh ideas about how to set up a more secure developer database environment. Overall, it's a great book, and I highly recommend it to anyone developing applications using SQL Server.