I mentioned in a previous post that you should check your applications for SQL Server Injection attacks. That brings up the entire process of security auditing.
You should have a process in place, whether that is based on triggers, a manual scan or a script-compare, that shows you any changes in your security settings. In a future post I'll create this kind of process, but you should at least review your security logs now. There's a great new book about SQL Server Security here.
Take advantage of special member promotions, everyday discounts, quick access to saved content, and more! Join Today.